7 matches found
CVE-2026-15895
OS command injection in the npm package loading component in AWS jsii-diff before 1.131.0 might allow context-dependent attackers to execute arbitrary commands via crafted package specifiers passed to the npm: source argument. To mitigate this issue, users should upgrade to jsii-diff v1.131.0 or...
nodejs:22 security update
nodejs 1:22.22.0-1 - Update to 22.22.0 Resolves: RHEL-141879 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 2.0.20-2 - Patch bundled glob-parent - Resolves: CVE-2021-35065 2.0.20-1 - Rebase to 2.0.20 Resolves: CVE-2022-3517 2.0.15-1 - Resolves: RHBZ2005419 - Resolves...
MAL-2025-2850 Malicious code in bitrue-test (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1851 Malicious code in instacart-admin (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-868 Malicious code in signup-ui-url-generator (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-864 Malicious code in qwant-extension (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11483 Malicious code in varmor (npm)
--- -= Per source details. Do not edit below this line.=-...