6 matches found
MAL-2026-4359 Malicious code in @agora-sdk/react-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9febb9d8dda2eea07ef909b9713ca6531c4a5b51a75fd730a312bec8d8a11135 Package is published under the '@agora-sdk' scope, strongly associated with Agora.io's real-time-communications SDKs, but its actual contents are a...
EUVD-2025-44032
Malicious code in reactjs-fabric npm...
Malicious code in phone-mockup-react-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f6a1418f459219963b15e9792b3f8721f33e7d7f3bf802a570652c6f3a5faad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-36060
CVE-2022-36060 concerns prototype pollution in matrix-react-sdk. Connected sources describe that, in certain configurations, specially crafted strings in data sent to the SDK could modify Object.prototype, disrupting normal rendering of rooms/events and potentially causing denial of service or lo...
Malicious code in react-js-buy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a57c23ff3279707f264657c233f419640a86803b77fe4e11485fa4bcf2ee2710 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5652 Malicious code in react-js-buy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a57c23ff3279707f264657c233f419640a86803b77fe4e11485fa4bcf2ee2710 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...