@lessondesk/schoolbus (>=3.0.43 <=5.2.1) potentially affected by unknown CVE via @tiaanduplessis/react-progressbar (=1.0.0)

@tiaanduplessis/react-progressbar NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @tiaanduplessis/react-progressbar and may be impacted: - @lessondesk/schoolbus =3.0.43, =5.2.1 Source cves: unknown CVE Source advisory:...

Malicious code in @tiaanduplessis/react-progressbar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c18eaaf382ded7fad4b78f8d9f3a489ac24d4482bdb989fe5dabea0e17c36902 The package @tiaanduplessis/react-progressbar was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199130

Malicious code in @tiaanduplessis/react-progressbar npm...

MAL-2025-191057 Malicious code in @tiaanduplessis/react-progressbar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c18eaaf382ded7fad4b78f8d9f3a489ac24d4482bdb989fe5dabea0e17c36902 The package @tiaanduplessis/react-progressbar was found to contain malicious code. Source: ghsa-malware...

@lessondesk/schoolbus (>=3.0.43 <=5.2.1) potentially affected by unknown CVE via @tiaanduplessis/react-progressbar (=1.0.0)

@tiaanduplessis/react-progressbar NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @tiaanduplessis/react-progressbar and may be impacted: - @lessondesk/schoolbus =3.0.43, =5.2.1 Source cves: unknown CVE Source advisory:...