16 matches found
MAL-2025-48757 Malicious code in replit-desktop-release-server (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2aa0c034e3024953db127491a502d64e19cd59000927b5e124c52a6ebc1db8ff Any computer that has this package installed or running should be considered...
Malicious code in replit-desktop-release-server (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2aa0c034e3024953db127491a502d64e19cd59000927b5e124c52a6ebc1db8ff Any computer that has this package installed or running should be considered...
EUVD-2022-0509
Malicious code in bioql PyPI...
CVE-2022-21671
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...
MAL-2024-65 Malicious code in replit-extensions-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7462f6e9b4a4fb60632168e7333f43126c172c42dbe957ea9288df7461840fa1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in replit-extensions-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7462f6e9b4a4fb60632168e7333f43126c172c42dbe957ea9288df7461840fa1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Exploit for Command Injection in Chamilo
CVE-2023-34960 - Mass unauthenticated command injection Chami...
crosis information leakage vulnerability
crosis is a JavaScript client that uses the Replit container protocol. crosis is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to obtain a token used to connect to Repl...
GHSA-7W54-GP8X-F33M Potential exposure of tokens to an Unauthorized Actor
Impact When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are multiple failed attempts to contact Replit through a WebSocket, the library will attempt to communicate using a fallback poll-based proxy. The URL of the proxy has changed, so...
CVE-2022-21671
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...
CVE-2022-21671
The CVE-2022-21671 issue affects @replit/crosis (JavaScript client for Replit’s container protocol) in versions before 7.3.1. When multiple WebSocket contact attempts fail, the client falls back to a polling proxy whose URL may route to an untrusted server, enabling an attacker to obtain the Repl...
CVE-2022-21671 Potential exposure of Replit tokens to an Unauthorized Actor in @replit/crosis
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...
CVE-2022-21671 Potential exposure of Replit tokens to an Unauthorized Actor in @replit/crosis
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...
CVE-2022-21671 Potential exposure of Replit tokens to an Unauthorized Actor in @replit/crosis
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...
crosis security vulnerability
crosis is a JavaScript client that uses the Replit container protocol. crosis is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to obtain a token used to connect to Repl...
PT-2022-15025 · Replit · @Replit/Crosis
Name of the Vulnerable Software and Affected Versions: @replit/crosis versions prior to 7.3.1 Description: A vulnerability exists that involves exposure of sensitive information. When using the library to communicate with Replit in a standalone fashion, if there are multiple failed attempts to...