5 matches found
Weak Random Value Generation For Secrets (weak PRNG)
Spring Boot is vulnerable to the use of a weak pseudo-random number generator PRNG. The vulnerability is due to the use of predictable random value sources e.g., $random.value, $random.int, $random.long, which allows an attacker to guess or brute-force generated secrets and compromise application...
Malicious code in latoken-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4deb1d0e6195e2e52b15c4809decbc35fba20798ba8ab501f3d8558296562d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8751 Malicious code in bwiueor (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a58c7ce1a6c1340dfe0646fa5ffe8b5916b1476bd1c511dde3c799c8d93b37d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3 Malicious code in --legacy-peer-deps (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9016f41e70e542399b68b5d9e362563751dedbff976a3bd66808702c420f35f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in r2act (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 666edae682afb251329ec39465aabdd8af84df52f5db6718723db0c65fc3b429 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...