26 matches found
MAL-2025-55020 Malicious code in reactjs-fabric (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b531a9e3325f1fd726f8701788421a371bdc906c43ce0936034102f34f7d18e8 The package reactjs-fabric was found to contain malicious code. Source: ghsa-malware caed8c64b1139916ddbdb9d303208e80711537ff2e907c8533c12e07ae75cfaf...
Malicious code in reactjs-fabric (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b531a9e3325f1fd726f8701788421a371bdc906c43ce0936034102f34f7d18e8 The package reactjs-fabric was found to contain malicious code. Source: ghsa-malware caed8c64b1139916ddbdb9d303208e80711537ff2e907c8533c12e07ae75cfaf...
Malicious Package
Overview reactjs-fabric is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2022-1402
Malicious code in bioql PyPI...
MAL-2025-6377 Malicious code in vite-plugin-reactjs-refresh (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4abf589cdec43e8ba609988d38155d5965b59ac6a83b1d251405fdf13629cdce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vite-plugin-reactjs-refresh (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4abf589cdec43e8ba609988d38155d5965b59ac6a83b1d251405fdf13629cdce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in client-microsite-reactjs-controls (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e7614cd043fdaba853ac20fee4ef3aaa1ff2d0cc51534ca1ab3bc89a636d654 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-24740
Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentication cookie from another user, effectively giving them control of the other user's account and...
CVE-2025-4868
A vulnerability was found in merikbest ecommerce-spring-reactjs up to 464e610bb11cc2619cf6ce8212ccc2d1fd4277fd. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v1/admin/ of the component File Upload Endpoint. The manipulation of the argument...
ecommerce-spring-reactjs 路径遍历漏洞
ecommerce-spring-reactjs is an e-commerce webstore by the individual developer Miroslav Khotinskiy. A path traversal vulnerability exists in ecommerce-spring-reactjs, which stems from incorrect manipulation of the parameter filename in the component File Upload Endpoint resulting in path traversa...
MAL-2024-1603 Malicious code in icon-reactjs (npm)
This package is considered malicious because it contains code to spam Telegram channels and Whatsapp channels with fake payment confirmations...
Malicious code in icon-reactjs (npm)
This package is considered malicious because it contains code to spam Telegram channels and Whatsapp channels with fake payment confirmations...
Malicious code in reactjs-slick (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0910b3fc5903217a504c18e901cac180c999ea29393221d0264add396238aca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5691 Malicious code in reactjs-slick (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0910b3fc5903217a504c18e901cac180c999ea29393221d0264add396238aca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in prism-reactjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 707b19d37c3b6484bb7269648a9988ecf449639f04efed8152a2a8e942275d49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5460 Malicious code in prism-reactjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 707b19d37c3b6484bb7269648a9988ecf449639f04efed8152a2a8e942275d49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6723 Malicious code in ual-reactjs-renderer-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 51f103cbd42e4c8208e6cc75f422cc09ce4766ad160032a8fbd7529826851757 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-24740
Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentication cookie from another user, effectively giving them control of the other user's account and...
Authentication flaw
Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentication cookie from another user, effectively giving them control of the other user's account and...
CVE-2022-24740 Improper Authentication in Volto
Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentication cookie from another user, effectively giving them control of the other user's account and...