5 matches found
MAL-2026-5610 Malicious code in coderzero (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bd26d5ae306572deded5926f2a32dd34de72377da3363cafc4c4026b9c5a93d When a user runs the coderzero CLI, the bundled Python client client/noderzero.py starts a clipboard monitor that polls pyperclip.paste every 300ms a...
MAL-2026-5464 Malicious code in db-xorma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1428486c71a3cd7d89ea90a17631bb5dc0fee7e11a6cbb4d8029a8b25268c7d2 db-xorma advertises itself as a reactive in-memory database library. When a consumer creates any Model instance the documented entry point, the...
Malicious code in auth-basic-vault (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3227380d9ef91ce63237acc9656b88a50b29aeeb05c594b700c5936a7527543 On require'auth-basic-vault', lib/writer.js attempts to require'authcascade' at module top level and, on failure, shells out via execSync to npm...
openSUSE 16 Security Update : pnpm (openSUSE-SU-2025-20115-1)
"The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20115-1 advisory. Changes in pnpm: - update to 10.22.0: Minor Changes - Added support for trustPolicyExclude 10164. You can now list one or more specific package...
SUSE-SU-2022:2990-1 Security update for flatpak
This update for flatpak fixes the following issues: - CVE-2021-21381: Fixed an issue where a sandboxed application could read and write arbitrary host files via special tokens in the .desktop file bsc1183459. - CVE-2021-21261: Fixed a sandbox escape issue via the flatpak-portal service bsc1180996...