Malicious code in @mx-shared/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80722921f3ba7863b8f28031aa4edf777ce8e270fab10bcead75016a286cb125 The package @mx-shared/utils was found to contain malicious code. Source: ghsa-malware 30ead10eaa18cee42152061c23ee9a84c465e687911f78dd1ae0c613f1c2b1...

Prototype pollution in swiper

Summary A prototype pollution vulnerability exists in the the npm package swiper =6.5.1, -1; let obj = ; var maliciouspayload = '"proto":"polluted":"yes"'; console.log.polluted; swiper.default.extendDefaultsJSON.parsemaliciouspayload; console.log.polluted; // prints yes - indicating that the patc...

MAL-2025-9269 Malicious code in @roosterbank/shared-utils (npm)

The package @roosterbank/shared-utils was found to contain malicious code...

Alibaba Cloud Linux 3 : 0160: maven:3.6 (ALINUX3-SA-2022:0160)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0160 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-13956: Apache HttpClient versions...

OPENSUSE-SU-2024:12027-1 maven-shared-utils-3.3.3-1.1 on GA media

These are all security issues fixed in the maven-shared-utils-3.3.3-1.1 package on the GA media of openSUSE Tumbleweed...

maven-shared-utils: Command injection via Commandline class

A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...

Malicious Package

Overview arcgis-charts-shared-utils is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if thi...

Malicious Package

Overview slg-shared-utils is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

maven-shared-utils: Command injection via Commandline class

A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...

maven-shared-utils: Command injection via Commandline class

A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...

OESA-2022-1684 maven-shared-utils security update

This package can be the functional replacement of plexus-utils in Maven. At the same time, the package has many hightlights, such as: a lot of methods got cleaned up, generics got added and a lot of unused code dropped. Security Fixes: In Apache Maven maven-shared-utils prior to version 3.3.3, th...