4 matches found
Malicious Package
Overview vercel-repros is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in vercel-repros (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 61ab9d6c179c19b7bd4e20a4c65605457887724fa5f2bd4e0abfcdea66f7ff2f The OpenSSF Package Analysis project identified 'vercel-repros' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-11892 Malicious code in vercel-repros (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 61ab9d6c179c19b7bd4e20a4c65605457887724fa5f2bd4e0abfcdea66f7ff2f The OpenSSF Package Analysis project identified 'vercel-repros' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Internet Bug Bounty: Bad Write in TTF font parsing (win32k.sys)
This bug was originally reported through Project Zero at Google. Alex Rice suggested to me that I could potentially receive a bounty through Hacker One so I am also opening a report here. The vulnerability reference numbers are MS15-010 CVE-2015-0059 The original bug report is...