Malicious code in composed-react-app (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11335 Malicious code in composed-react-app (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in ccs-react-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a19b5e1d7248b1e5a66bcf5c2ae1bae25a94e6948728331d29c1a363881e05b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11326 Malicious code in ccs-react-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a19b5e1d7248b1e5a66bcf5c2ae1bae25a94e6948728331d29c1a363881e05b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in acces-react (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11289 Malicious code in acces-react (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in @iherb-react-environment/config (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11270 Malicious code in @iherb-react-environment/config (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in react-pillbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab745e5454a4aede527ec57bebcb7edd1700ad72e195f290ccf92b03eb3df0e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11231 Malicious code in react-pillbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab745e5454a4aede527ec57bebcb7edd1700ad72e195f290ccf92b03eb3df0e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@1kit/react (>=0.0.74 <=0.0.149), @1kit/ui (>=0.0.14 <=0.0.90) +763 more potentially affected by CVE-2025-3191 via react-draft-wysiwyg (>=1.10.0 <=1.15.0)

react-draft-wysiwyg NPM version =1.10.0, =0.0.74, =0.0.14, =1.0.7, =0.2.2, =1.0.0, =0.0.5, =0.1.2, =1.0.2, =1.0.0, =0.0.1, =1.0.2, =2.0.54, =2.3.26 and more Source cves: CVE-2025-3191 Source advisory: SNYK:JS-REACTDRAFTWYSIWYG-8515884...

Cross-site Scripting (XSS)

Overview org.webjars.npm:react-draft-wysiwyg is an A wysiwyg on top of DraftJS. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Embedded button which will then result in saving the payload in the tag. Details Cross-site scripting or XSS is a code vulnerability...

Cross-site Scripting (XSS)

Overview react-draft-wysiwyg is an A wysiwyg on top of DraftJS. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Embedded button which will then result in saving the payload in the tag. Details Cross-site scripting or XSS is a code vulnerability that occurs whe...

Malicious code in react-domain-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c514bbaadbc88d9b8e95127869e308b2cc8e239d85380ab86c3c7c49706fb891 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-is-17 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 247abdb4fbc08d6873e144ba02bffb46eb44e39e1ac729d3564a4e1e944f5d00 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11074 Malicious code in react-is-17 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 247abdb4fbc08d6873e144ba02bffb46eb44e39e1ac729d3564a4e1e944f5d00 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11072 Malicious code in react-dnd11-html5-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea03ab2ef2fe66b3466f7832df60c5d0a36e6201648923570b06a14af396a694 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-dnd11-html5-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea03ab2ef2fe66b3466f7832df60c5d0a36e6201648923570b06a14af396a694 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11071 Malicious code in react-common-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f725d89d41b69b32bcff68f5c43863001fe8a47bf052f1efac3808dbd56f85f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-common-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f725d89d41b69b32bcff68f5c43863001fe8a47bf052f1efac3808dbd56f85f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...