Lucene search
K

223 matches found

CNNVD
CNNVD
added 2026/01/13 12:0 a.m.7 views

Semantic release 安全漏洞

Semantic release is a Js-based versioning and package distribution tool from the Semantic Release team. A security vulnerability exists in Semantic release version 5.4.8, which stems from the fact that sending specially crafted HTTP requests to various API endpoints can bypass authentication...

8.6CVSS5.8AI score0.00428EPSS
Exploits1References4
EUVD
EUVD
added 2025/11/25 12:16 a.m.5 views

EUVD-2025-199390

Malicious code in @voiceflow/semantic-release-config npm...

6.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.7 views

Malicious code in @voiceflow/semantic-release-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95a6c9bc458bfc9330434e338d86e85de8f5e6f5a2374749939e909a392268ad The package @voiceflow/semantic-release-config was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
Snyk
Snyk
added 2025/11/24 4:24 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in eslint-plugin-semantic-release-chalk-fusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7f76b381638ad18356b8c8d18b10785d541bf3b50f7d3ed0032bd37f205212b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-176456

Malicious code in sedna-semantic-release-meissa-winston npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-179665

Malicious code in comet-norma-semantic-release-rest npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-189438 Malicious code in semantic-release-aether-buffer-concurrently (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ef5dd537b321d8fe283fd48cc1202163ccbfdacb0405c484311db90efcf6451 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-179033

Malicious code in eslint-plugin-semantic-release-chalk-fusion npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-175888

Malicious code in transport-semantic-release-cressida-middleware npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-180326

Malicious code in ariel-semantic-release-optimize-css-assets-webpack-plugin-prettier-plugin-markdown npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.9 views

Malicious code in comet-norma-semantic-release-rest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32d7b6f4630255380dcea5a3bf2611344de910b5a96a201e142940f865f9cc09 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-179005

Malicious code in event-miranda-rest-semantic-release npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-175667

Malicious code in vulcan-semantic-release-pino-adonis npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-177602

Malicious code in nightwatch-abiogenesis-semantic-release-supercluster npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.6 views

EUVD-2025-177820

Malicious code in mira-pipe-stratigraphy-semantic-release npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-176437

Malicious code in semantic-release-aether-buffer-concurrently npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in nightwatch-abiogenesis-semantic-release-supercluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c04dce162afc7d6c59dc05512d4f23f6779a6891e85414c6a52032e9fc0c2d7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-190209 Malicious code in vulcan-semantic-release-pino-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c72d9e409094829214238543e07bf97ca0de11f012ae732f970551021eb40d66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in vulcan-semantic-release-pino-adonis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c72d9e409094829214238543e07bf97ca0de11f012ae732f970551021eb40d66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder