42 matches found
Malicious Package
Overview react-svg-fill is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package...
Malicious Package
Overview react-svg-supporter is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...
Malicious code in react-svg-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9b392459196e5602d6e40cd38445d10e87e49d85b53b966aee554dd758fc1bd The package react-svg-module was found to contain malicious code. Source: ghsa-malware dd046bd4ddd4da53330303e0802201fda828bce7e1a21524aa7fc0da1fed95...
MAL-2025-190571 Malicious code in react-svg-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42e399f2b08fcb5a17dce3bb49a4f5dbeec6d8c56b34dab5586e8a84c5232d08 The package react-svg-helper was found to contain malicious code. Source: ghsa-malware f872307ebcfe0abab5b4fb796f5d770fd3678292ff059768bc62144d97fe03...
EUVD-2025-198131
Malicious code in react-svg-module npm...
EUVD-2025-198132
Malicious code in react-svg-helper npm...
Malicious Package
Overview react-svg-module is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-190572 Malicious code in react-svg-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9b392459196e5602d6e40cd38445d10e87e49d85b53b966aee554dd758fc1bd The package react-svg-module was found to contain malicious code. Source: ghsa-malware dd046bd4ddd4da53330303e0802201fda828bce7e1a21524aa7fc0da1fed95...
Malicious code in react-svg-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42e399f2b08fcb5a17dce3bb49a4f5dbeec6d8c56b34dab5586e8a84c5232d08 The package react-svg-helper was found to contain malicious code. Source: ghsa-malware f872307ebcfe0abab5b4fb796f5d770fd3678292ff059768bc62144d97fe03...
Malicious Package
Overview react-svg-helper is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview inline-react-svg is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-36777
Malicious code in inline-react-svg npm...
Malicious code in inline-react-svg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c39f65737779d34f941dcee3ee4e332a0ca54196d2cbc4e848e57e20ecf85893 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-49011 Malicious code in inline-react-svg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c39f65737779d34f941dcee3ee4e332a0ca54196d2cbc4e848e57e20ecf85893 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5517 Malicious code in react-svg-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d1b4540b7accc26da839119cb9cee8be93e168c74f00d68eb96e60241796fbf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-svg-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d1b4540b7accc26da839119cb9cee8be93e168c74f00d68eb96e60241796fbf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5167 Malicious code in react-svg-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af2a1717363aad3bb129687fc2526ded4d96a8d7e578862b6d400cf5864e1985 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-svg-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af2a1717363aad3bb129687fc2526ded4d96a8d7e578862b6d400cf5864e1985 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-8XQR-4CPM-WX7G Cross-Site Scripting in react-svg
Versions of react-svg before 2.2.18 are vulnerable to cross-site scripting xss. This is due to the fact that scripts found in SVG files are run by default. Recommendation Update to version 2.2.18 or later...
Cross-Site Scripting in react-svg
Versions of react-svg before 2.2.18 are vulnerable to cross-site scripting xss. This is due to the fact that scripts found in SVG files are run by default. Recommendation Update to version 2.2.18 or later...