8 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the snappy:Decoder function. An attacker can cause excessive memory consumption and potential out-of-memory errors by sending malformed blocks that bypass request size limits. This...
EUVD-2025-121599
Malicious code in stream-mysql-typeorm-halley npm...
EUVD-2025-123634
Malicious code in playwright-stream-playwright-acamar npm...
EUVD-2025-115203
Malicious code in command-gulp-stream-stream npm...
MAL-2025-141755 Malicious code in dotenv-safe-hyperion-karma-stream (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41545b93f714faf7d695c18bdad4365cb382c7a187442a99e2252a943a2c2cdd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-5588 Malicious code in wp-stream (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7bd25807808ab0722baeb487925a65428a1198b9ff17c596ae5c3a7ec1d05161 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Directory Traversal
Affected versions of list-n-stream package 0.0.10 and before, are vulnerable to a directory traversal issue...
GHSA-26HG-CRH6-MJRW Directory Traversal
Affected versions of list-n-stream package 0.0.10 and before, are vulnerable to a directory traversal issue...