4876 matches found
CVE-2022-36046
CVE-2022-36046 (Next.js) affects Next.js 12.2.3 when run on Node.js > v15 with strict unhandledRejection and using next start or a custom server; deployments on Vercel are not affected. The issue causes a denial of service via unhandledRejection handling in the server, leading to a crash under...
CVE-2022-36046 Unexpected server crash in Next.js version 12.2.3
Next.js is a React framework that can provide building blocks to create web applications. All of the following must be true to be affected by this CVE: Next.js version 12.2.3, Node.js version above v15.0.0 being used with strict unhandledRejection exiting AND using next start or a custom server...
Malicious code in react-solid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 65f31f2a845162d09304994526f18185ac76fcb1523ca16708bd87d6a1ce19b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5674 Malicious code in react-solid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 65f31f2a845162d09304994526f18185ac76fcb1523ca16708bd87d6a1ce19b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in social-media-icons-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca362d17a667da1d094b044be149065c8d362cc8ae8e0dbd43bfdb0e9c537df7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview react-dom18 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious Package
Overview react-dom17 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
animation-directive (>=1.0.0 <=1.1.1), lrc-common (=1.1.1) +1 more potentially affected by unknown CVE via webpack-cil (=0.0.1-security)
webpack-cil NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on webpack-cil and may be impacted: - animation-directive =1.0.0, =1.0.0, =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2022-7100...
Malicious code in semanitco-i-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7953257cbf0da1021882175f5f8b270acbd0f4489a5e91451d5d2d0f3ccd4cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6007 Malicious code in semanitco-i-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7953257cbf0da1021882175f5f8b270acbd0f4489a5e91451d5d2d0f3ccd4cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5645 Malicious code in react-erro-roevrlay (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c73f6967c5add4d8ba288d24e7f5dca715c764fa83db8368704512bcde3f33aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5655 Malicious code in react-nati0e-vecor-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e0e350c78d225cd75ed5e2ca0291e0d192e6892797c1a7a61c762bfcb2fe39e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-addons-csgtransition-group (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91dd68f9a036ce8b4eaafd804e42bffb33a88e09c44772a5314f7203c9f8ddda Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-cionx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e3e3849090250a1ee74742b012e19a14658dc8aec1ca7aa1cc0353cd6c48eb90 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-nati0e-vecor-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e0e350c78d225cd75ed5e2ca0291e0d192e6892797c1a7a61c762bfcb2fe39e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-erro-roevrlay (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c73f6967c5add4d8ba288d24e7f5dca715c764fa83db8368704512bcde3f33aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5634 Malicious code in react-cionx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e3e3849090250a1ee74742b012e19a14658dc8aec1ca7aa1cc0353cd6c48eb90 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5630 Malicious code in react-addons-csgtransition-group (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91dd68f9a036ce8b4eaafd804e42bffb33a88e09c44772a5314f7203c9f8ddda Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1413 Malicious code in babel-preset-reatc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0969848ef493fcc6aa961ac138255ef7f702d4035b373a2961cdd56cd6118b30 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ractnative (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13712f2e5e0e0ef3e2f23f220a2abbdd495085a6b3091e14510129580b3aacff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...