234 matches found
MAL-2025-55924 Malicious code in dono-gembus27-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3840fb7359d08db4f77a310fb3d5b655a195432781896decf1ed22494cfdba32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in arif-sambel49-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce236c431811088c5a1347102a4721431fc49b634c789304b21fe6d3d5438177 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-56381 Malicious code in formal_swift_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1990e13459bfb088d4768132f3f65ed6ec1c0505e9a2cba10c1fd39decb2828 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-59388 Malicious code in wati-jus26-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aecce5d95093a076ac37c7371557c4da4d2e0106e89800074f492bfe87dc5ef2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54232 Malicious code in putra-lumpur69-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 151b16382847e47e45ed043294e4c2a60594f78f810bd58bdf7b9f2e1f252065 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in putri-ikan82-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cffb2a642894623e0fc39717d9655ec8342cc603b03815b51b653738f3af70d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-53982 Malicious code in okta-peyek34-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c08e856de8b103318a16269a338ba094115ca2c27f31c002548160e70b2e1bea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in vera-empal99-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 908fafc9175790f93ecc592c9462ad4285296bbd6a54a318323ad29ae449a450 The package vera-empal99-sukiwir was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flood...
Malicious code in vera-asinan33-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23941488bb0d49a48a460cf7c842308877ec81f02b5a8a5baff394477aa01113 The package vera-asinan33-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that floode...
Malicious code in cindy-tahutek22-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a4f082c20ff24b39d11a3484644face7c6af321cac40e2337ae69c038d304e7 The package cindy-tahutek22-miaww was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
MAL-2025-51217 Malicious code in candra-mieaceh93-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d62901fb69cf3a7bcc41efca2f38a7546bd725b2c72c667b4f4b063d869bd99e The package candra-mieaceh93-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
Security Bulletin: A security vulnerability has been identified in FFMpeg shipped with IBM Watson Machine Learning Community Edition (WMLCE) containers
Summary The following CVEs have been resolved as part of this security update. This only affects container images since this package is not published as part of the WMLCE Conda channel. Vulnerability Details CVEID: CVE-2019-15942 DESCRIPTION: FFmpeg is vulnerable to a denial of service, caused by...
CVE-2019-15587
In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...
Loofah XSS Vulnerability
In the Loofah gem, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...