16 matches found
MAL-2026-6468 Malicious code in ts-opus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73b0105b34723dd6e1449c3353d1d4df0dcf94ae460a4dfd156566bb4ba372c7 ts-opus 0.0.8 ships an unmodified copy of MikeMcl/big.js README, copyright, and repository URL all reference big.js but injects an additional top-lev...
Malicious code in ts-opus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73b0105b34723dd6e1449c3353d1d4df0dcf94ae460a4dfd156566bb4ba372c7 ts-opus 0.0.8 ships an unmodified copy of MikeMcl/big.js README, copyright, and repository URL all reference big.js but injects an additional top-lev...
Malicious code in new-mjs-eslint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4ae24b182a00059424b8ea4800927bbbf662f0e6bf20264af611d37203a3f2e Package is published under the unrelated name 'new-mjs-eslint' but ships a verbatim copy of the big.js decimal-arithmetic library original...
Malicious code in new-ecro-1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c4e172aa83f2b8742fb014ea649490c87815573cab692ea74eb402ee23f935c Package new-ecro-1 impersonates the legitimate big.js library by shipping its source verbatim banner, license, and homepage pointing at MikeMcl/big.j...
EUVD-2026-24576
free5GC AMF: Missing default case in Content-Type switch in HTTPUEContextTransfer...
CVE-2023-1768
Inappropriate error handling in Tribe29 Checkmk = 2.1.0p25, = 2.0.0p34, = 2.2.0b3 beta, and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain configurations...
DEBIAN-CVE-2025-22031
In the Linux kernel, the following vulnerability has been resolved: PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion When BIOS neglects to assign bus numbers to PCI bridges, the kernel attempts to correct that during PCI device enumeration. If it runs out of bus numbers, no pcibu...
EulerOS Virtualization 2.11.0 : curl (EulerOS-SA-2024-2189)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2134)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : curl (EulerOS-SA-2024-2022)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowe...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-1878)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowe...
SUSE CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...
DEBIAN-CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...
ALPINE-CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...
AZL-37069 CVE-2024-2398 affecting package cmake for versions less than 3.21.4-14
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...
UBUNTU-CVE-2024-2398
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...