User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation via the X-Forwarded-Uri header when the --reverse-proxy setting is enabled and either --skip-auth-regex or --skip-auth-route is configured. An attacker can gain unauthorized access to protected routes by spoofing the...

CVE-2025-1243

The Temporal api-go library prior to version 1.44.1 did not send update response information to Data Converter when the proxy package within the api-go module was used in a gRPC proxy prior to transmission. This resulted in information contained within the update response field not having Data...

MAL-2025-24683 Malicious code in kk-proxy (npm)

The package kk-proxy was found to contain malicious code...

MAL-2025-1045 Malicious code in pages-proxy (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e215918f5cc85a894233afe08ebb076c28300732fbfd5f8be0aab954b5e455bb Any computer that has this package installed or running should be considered...

Malicious code in @mosfe/portal-proxy (npm)

--- -= Per source details. Do not edit below this line.=-...