CVE-2023-3635

A flaw was found in SquareUp Okio. A class GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This issue may allow a malicious user to start processing a malformed file, which can result in a Denial of Service DoS...

ai.agenticants:ants-platform-java (>=0.1.1 <=0.1.2), ai.databand:dbnd-agent (>=0.82.9 <=1.0.28.1) +12037 more potentially affected by CVE-2023-3635 via com.squareup.okio:okio-jvm (>=3.0.0-alpha.10 <=3.3.0)

com.squareup.okio:okio-jvm MAVEN version =3.0.0-alpha.10, =0.1.1, =0.82.9, =0.82.9, =0.82.9, =0.82.9, =0.5.0, =0.5.0, =0.5.8, =0.5.0, =0.5.7, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2023-3635 Source advisory: OSV:GHSA-W33C-445M-F8W7...

Malicious code in @squareup/data-api.js-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 351c78770a4888af009e5d2270940bb942890cf8ceb18057cf2f33f709ba191a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-609 Malicious code in @squareup/data-api.js-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 351c78770a4888af009e5d2270940bb942890cf8ceb18057cf2f33f709ba191a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...