4880 matches found
Malicious code in react-experimental-builtin (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11430 Malicious code in react-experimental-builtin (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11369 Malicious code in iherb-react-environment (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in iherb-react-environment (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in composed-react-app (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11335 Malicious code in composed-react-app (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in ccs-react-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a19b5e1d7248b1e5a66bcf5c2ae1bae25a94e6948728331d29c1a363881e05b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11326 Malicious code in ccs-react-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a19b5e1d7248b1e5a66bcf5c2ae1bae25a94e6948728331d29c1a363881e05b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11289 Malicious code in acces-react (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in acces-react (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @iherb-react-environment/config (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11270 Malicious code in @iherb-react-environment/config (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in react-pillbox (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab745e5454a4aede527ec57bebcb7edd1700ad72e195f290ccf92b03eb3df0e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11231 Malicious code in react-pillbox (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab745e5454a4aede527ec57bebcb7edd1700ad72e195f290ccf92b03eb3df0e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
@1kit/react (>=0.0.74 <=0.0.149), @1kit/ui (>=0.0.14 <=0.0.90) +762 more potentially affected by CVE-2025-3191 via react-draft-wysiwyg (>=1.10.0 <=1.15.0)
react-draft-wysiwyg NPM version =1.10.0, =0.0.74, =0.0.14, =1.0.7, =0.2.2, =1.0.0, =0.0.5, =0.1.2, =1.0.2, =1.0.0, =0.0.1, =1.0.2, =2.0.54, =2.3.26 and more Source cves: CVE-2025-3191 Source advisory: SNYK:JS-REACTDRAFTWYSIWYG-8515884...
Cross-site Scripting (XSS)
Overview org.webjars.npm:react-draft-wysiwyg is an A wysiwyg on top of DraftJS. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Embedded button which will then result in saving the payload in the tag. Details Cross-site scripting or XSS is a code vulnerability...
Cross-site Scripting (XSS)
Overview react-draft-wysiwyg is an A wysiwyg on top of DraftJS. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Embedded button which will then result in saving the payload in the tag. Details Cross-site scripting or XSS is a code vulnerability that occurs whe...
Malicious code in react-domain-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c514bbaadbc88d9b8e95127869e308b2cc8e239d85380ab86c3c7c49706fb891 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11074 Malicious code in react-is-17 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 247abdb4fbc08d6873e144ba02bffb46eb44e39e1ac729d3564a4e1e944f5d00 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-is-17 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 247abdb4fbc08d6873e144ba02bffb46eb44e39e1ac729d3564a4e1e944f5d00 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...