7 matches found
Malicious Package
Overview package-x is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
EUVD-2021-1332
Malware in sbrugna...
MAL-2025-47593 Malicious code in package-x (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c97a3da4527d6f380ebdc150b7825a38cd9e5f84f7c854b9eabbef547c69c807 Any computer that has this package installed or running should be considered...
Malicious code in package-x (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c97a3da4527d6f380ebdc150b7825a38cd9e5f84f7c854b9eabbef547c69c807 Any computer that has this package installed or running should be considered...
Malicious code in @zalastax/nolb-dsr-package-x (npm)
The package @zalastax/nolb-dsr-package-x was found to contain malicious code...
Code injection
This affects all versions of package x-assign. The global proto object can be polluted using the proto object...
CVE-2021-23452
CVE-2021-23452 affects all versions of the package x-assign . The flaw is a prototype pollution vulnerability: an attacker can pollute the global proto object via the proto property, enabling manipulation of object prototypes and potentially leading to DoS or remote code execution as discussed in...