4915 matches found
Malicious code in unguess-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3c0670b47eb6c06abe309a5b09c95182ad516cd5127af1c04f5bc8dea0800994 The OpenSSF Package Analysis project identified 'unguess-react' @ 1.5.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-8956 Malicious code in unguess-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3c0670b47eb6c06abe309a5b09c95182ad516cd5127af1c04f5bc8dea0800994 The OpenSSF Package Analysis project identified 'unguess-react' @ 1.5.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-8936 Malicious code in airwallex-platform-onboarding-sdk-demo-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 503945e9961e51c2bd3819eeedc20ff255058a1873baf46726c646e08f43e2f5 The OpenSSF Package Analysis project identified 'airwallex-platform-onboarding-sdk-demo-react' @ 1.0.0 npm as malicious. It is considered...
D-Tale Command Execution Vulnerability
D-Tale is the combination of a Flask back-end and a React front-end to bring you an easy way to view & analyze Pandas data structures. In dtale\views.py, under the route @dtale.route"/chart-data/", the query parameters from the request are directly passed into runquery for execution. And...
GHSA-FG5M-M723-7MV6 D-Tale Command Execution Vulnerability
D-Tale is the combination of a Flask back-end and a React front-end to bring you an easy way to view & analyze Pandas data structures. In dtale\views.py, under the route @dtale.route"/chart-data/", the query parameters from the request are directly passed into runquery for execution. And...
Malicious code in @maas-themes/eslint-config-react-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 76dd3e73ed32149194358782c120547fddea51353f2ed5f56384a8ff2f0e828c The OpenSSF Package Analysis project identified '@maas-themes/eslint-config-react-typescript' @ 3.1.4 npm as malicious. It is considered malicio...
Malicious code in react-rps-boilerplate (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b11c1a1b418f9d157a025f06882888a1836ebd32d5cec473f4aca9c82cf8f2ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8061 Malicious code in react-rps-boilerplate (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b11c1a1b418f9d157a025f06882888a1836ebd32d5cec473f4aca9c82cf8f2ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in prettier-config-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4241fd6088878cd356569ae38a56d91f4c9f0819334d7fdf2fd40546ea6143e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in tsconfig-react-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4aff665839335434b8a93a1a8881d423eb7ff5ab92725d898e4db717468a59e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8042 Malicious code in tsconfig-react-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4aff665839335434b8a93a1a8881d423eb7ff5ab92725d898e4db717468a59e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in eslint-config-react-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fda3631232466ff38fcdeac8d90d36bcfb72f632a3055055d5e0b19ef17b500b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8037 Malicious code in prettier-config-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4241fd6088878cd356569ae38a56d91f4c9f0819334d7fdf2fd40546ea6143e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8032 Malicious code in eslint-config-react-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fda3631232466ff38fcdeac8d90d36bcfb72f632a3055055d5e0b19ef17b500b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2024-42347
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the...
MAL-2024-7965 Malicious code in iva-react-web-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94e079d8c7b731da869ff846e164d4a9c87faed0108d764e4048bde129a25f17 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in iva-react-web-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94e079d8c7b731da869ff846e164d4a9c87faed0108d764e4048bde129a25f17 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in uitk-react-scrollable (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15932e6247991a719ff0f98bbb3b9d13ffa6458ac4bce5835a7a691f8b52a6e7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in uitk-react-calendar (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea103fb47eaf7b83ad10f5bbba8f4806de1cf066e8fce87deef49cdb0526a7bd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in uitk-react-date-selector (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware de6ee4dca1959ae6d3b5effe21716f2df3684ac2456897446d0b0706dd26265d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...