39 matches found
Solara <1.35.1 - Local File Inclusion
A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../' when serving static files. ...
Malicious Package
Overview solara-websocket-dll is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-37949
Malicious code in solara-websocket-dll npm...
Malicious code in solara-websocket-dll (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7987caa0572ba7ba558b028e0c1e8c9fe84db279417057afc890d78435b290 The package solara-websocket-dll was found to contain malicious code. Source: ghsa-malware...
MAL-2025-49376 Malicious code in solara-websocket-dll (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7987caa0572ba7ba558b028e0c1e8c9fe84db279417057afc890d78435b290 The package solara-websocket-dll was found to contain malicious code. Source: ghsa-malware...
Malicious code in solara-roblox (npm)
The package solara-roblox was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
Malicious code in solara-patcher-legacy (npm)
The package solara-patcher-legacy was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-33627 Malicious code in solara-roblox (npm)
The package solara-roblox was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-33626 Malicious code in solara-patcher-legacy (npm)
The package solara-patcher-legacy was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
Malicious code in solara-upgrade (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d11917059b5c9bae62b045f1b86da3912936d28e6568bc30ec686779c22da807 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3919 Malicious code in solara-upgrade (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d11917059b5c9bae62b045f1b86da3912936d28e6568bc30ec686779c22da807 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-39903
Solara is a pure Python, React-style framework for scaling Jupyter and web apps. A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI...
Malicious code in bootstrapper-solara (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-810 Malicious code in bootstrapper-solara (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in upgrade-solara (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06786e0684a9afc602c99f62a977e170fc435947a63896cfd50abc00997f7b63 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12057 Malicious code in upgrade-solara (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06786e0684a9afc602c99f62a977e170fc435947a63896cfd50abc00997f7b63 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11905 Malicious code in solara-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d6e86743114e65716ebcc22493a5d16e0e807c0701cf4233fac1c9eb47f821a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in solara-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d6e86743114e65716ebcc22493a5d16e0e807c0701cf4233fac1c9eb47f821a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in solara.update (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11459 Malicious code in solara.update (npm)
--- -= Per source details. Do not edit below this line.=-...