96 matches found
CVE-2025-30204 affecting package rook for versions less than 1.6.2-29
CVE-2025-30204 affecting package rook for versions less than 1.6.2-29. A patched version of the package is available...
CVE-2025-11065 affecting package rook for versions less than 1.6.2-29
CVE-2025-11065 affecting package rook for versions less than 1.6.2-29. A patched version of the package is available...
CVE-2026-34986 vulnerabilities
Vulnerabilities for packages: flux-operator, zarf, tempo, skaffold, argo-cd, spire-controller-manager, dkron, witness, ksops, gcsfuse, gitaly, buildah, harbor-registry, sigstore-scaffolding, pulumi, traefik, dagdotdev, k8sgpt, terragrunt, xeol, grype, trillian, ratify, falco-no-driver, k9s,...
GHSA-78H2-9FRX-2JM8 vulnerabilities
Vulnerabilities for packages: flux-operator, zarf, tempo, skaffold, argo-cd, spire-controller-manager, dkron, witness, ksops, gcsfuse, gitaly, buildah, harbor-registry, sigstore-scaffolding, pulumi, traefik, dagdotdev, k8sgpt, terragrunt, xeol, grype, trillian, ratify, falco-no-driver, k9s,...
AZL-75564 CVE-2025-11065 affecting package rook 1.6.2-27
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
EUVD-2025-117142
Malicious code in querulous-tomato-rook npm...
EUVD-2025-117102
Malicious code in serious-lime-rook npm...
Malicious code in querulous-tomato-rook (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4576a5b87a9b1b10ca144423586d36a7b826df4efe3835bfc69499d18f9034d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-125202 Malicious code in biological_rook_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59cf57f089a40fafa15de7e4d91a066850ab059ed7cec7292dfa854c6c6697b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-101022
Malicious code in biologicalrookz3n npm...
Malicious code in breezy_rook_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7fc2e3ae1960205baa285dfac7aa63000c5d33672f8a1d756a55845f38e8aca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-131466 Malicious code in xenial_rook_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 618d66353f098af9b749454698a255cc1e7956826bd66587bcf6a1df18fdeb52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-120143 Malicious code in fresh_rook_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff1c0abf961a5672d03d5ec6c2ea73e73b285426eb7c24eb2116b3a1c7b03da5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-105768
Malicious code in disabledrookz3n npm...
Malicious code in partial_rook_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d19407ce8db6232ab8663e24c638a7f3707b12dd2f254da277d05d46d9ebb556 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-89436
Malicious code in primerookz3n npm...
EUVD-2025-88680
Malicious code in squarerookz3n npm...
Malicious code in urban_rook_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46615d0d32f32f96a9c84a3690d1bc621cdd4cfc12522855c946ef84a514015b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-74576
Malicious code in hilariousrookmoccasin-9 npm...
EUVD-2025-76297
Malicious code in meltedrook-strongdev npm...