Malicious code in postcss-gammarayburst-whitedwarf-archaeoastronomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b56c9b24eb32595375691f99f8c8ddc7daae29986e1c42dd18f09dcebcd5a33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-development-cosmogenic-mongodb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f482ac6e62892d5ceda6f97905d2b05160346c3470ce98335fb68ac7972e391 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123503

Malicious code in postcss-postcss-package-impulse npm...

Malicious code in postcss-yaml-lynx-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7991fb1fffadbc9283f03779f51fa19d71c12c033f9ba3a11c26f4941dcd670 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146418 Malicious code in postcss-postcss-package-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808dfa2a9e301a31de471bb99a322bb7a4f31937ab1e579f9a02a33d25e30287 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-loader-yakutsk-europa-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b3934a796437258dfb3b5a9dc6649a7c7e4471263fae908da9840c57120e65f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-magellan-ursa-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fce8458ed2741ec54d9c40e4518395ab915bd46356a551b9e18b8511ef6e3f8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postcss-postcss-package-impulse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808dfa2a9e301a31de471bb99a322bb7a4f31937ab1e579f9a02a33d25e30287 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146416 Malicious code in postcss-magellan-ursa-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fce8458ed2741ec54d9c40e4518395ab915bd46356a551b9e18b8511ef6e3f8c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in postgres-rocket-install-postcss (npm)

The package postgres-rocket-install-postcss was found to contain malicious code...

Debian: Security Advisory (DLA-4003-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-23382

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /\s sourceMappingURL=...

CVE-2021-23368 Regular Expression Denial of Service (ReDoS)

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...