Malicious code in moneykit-cardano-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6186e5ec8b6cea4f1cec3b4284cf09f2e317dd7d745fb5f88e15b355497d08e package.json declares preinstall: node index.js, which fires automatically on npm install. index.js collects host identifiers and OS files —...
CVE-2026-6357
pip prior to version 26.1 would run self-update check functionality after installing wheel files, which required importing well-known Python module names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...
PT-2026-35435
Name of the Vulnerable Software and Affected Versions pip versions prior to 26.1 Description The self-update check functionality runs after installing wheel files, which requires importing well-known Python module names. These imports were deferred to improve the startup time of the pip CLI. This...
MAL-2025-123641 Malicious code in tomi-lodeh73-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1b8d0873453a9d8d5ea3d0958cd6ea30f8e21332c4019b378396dd5f27bc494 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-84671 Malicious code in direct_egret_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e3095847d8cb8ed6e35ec453c3b6a5fc43c9f36bc98ecbaf4f8d7a03df11d60 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-89184 Malicious code in okta-mendut78-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d75ded6ca38375495e1daff651760365a89c63a56b75906e4971a6a8caddc1bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hollow_penguin_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d472e26bcbfb9d31cbcd3717dd48a766b667a5c412eb61917c89256e8899388c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in copy-package-contents (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 219b6f163c59d78fd936297643511fdfb25a63f8ed99ce66949104cdf17efcad Any computer that has this package installed or running should be considered...
CVE-2021-39135
@npmcli/arborist, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
Man-in-the-Middle (MitM)
moneta is vulnerable to man-in-the-middle attacks. The package resolves package dependencies via an insecure HTTP channel, allowing an attacker in the network to modify package contents during build...
Malicious Package
strongpassword v0.0.7 is a malicious package. The vulnerability exists as it hides a remote code execution exploit in this version of the gem. The package contents from https://pastebin.com/raw/xa456PFt would then be executed...
Mandriva Linux Security Advisory : python-setuptools (MDVSA-2013:227)
A vulnerability has been discovered and corrected in python-setuptools/python-virtualenv: easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute...