Lucene search
K

6 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/01 1:26 p.m.5 views

Malicious code in tailwind-style-override (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f70c1280fa4f70d4161ef2634dd7eb7f7b59b51cac954465a8d1aad2a1ae5763 The package tailwind-style-override was found to contain malicious code...

7AI score
Exploits0References3
OSV
OSV
added 2025/12/01 1:26 p.m.3 views

MAL-2025-191594 Malicious code in tailwind-style-override (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f70c1280fa4f70d4161ef2634dd7eb7f7b59b51cac954465a8d1aad2a1ae5763 The package tailwind-style-override was found to contain malicious code...

6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.3 views

Malicious Package

Overview tailwind-style-override is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...

9.8CVSS7.2AI score
Exploits0References3
Debian CVE
Debian CVE
added 2024/12/11 6:54 p.m.9 views

CVE-2024-47541

GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...

7.5CVSS6.8AI score0.01324EPSS
Exploits1
OSV
OSV
added 2024/12/02 10:15 p.m.2 views

UBUNTU-CVE-2024-53985

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0 and Nokogiri 1.15.7, or 1.16.x 1.16.8. The XSS vulnerability with certain...

6.1CVSS7.3AI score0.00581EPSS
Exploits0References5
Veracode
Veracode
added 2022/07/06 6:9 a.m.78 views

Cross-site Scripting (XSS)

rails-html-sanitizer is vulnerable to cross-site scripting attacks. An attacker is able to inject and execute malicious javascript through the sanitizecss function when the library is configured to override the style tags to allow both select and style elements...

6.1CVSS6.3AI score0.2914EPSS
Exploits1References9Affected Software3
Rows per page
Query Builder