13 matches found
MAL-2025-47568 Malicious code in truelayer-assignment (npm)
The package truelayer-assignment was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4cb2b1d58a741e8bce6ef15fb465d4c1d070891603626cd0ff81d09e23d05a76 Any computer that has this package installed or running should be considered fully...
Malicious Package
Overview truelayer-assignment is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview truelayer-service is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in truelayer-assignment (npm)
The package truelayer-assignment was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4cb2b1d58a741e8bce6ef15fb465d4c1d070891603626cd0ff81d09e23d05a76 Any computer that has this package installed or running should be considered fully...
MAL-2025-47569 Malicious code in truelayer-service (npm)
The package truelayer-service was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc9900a38cc6f7543f01f0f226e5ac0ddf01b51bdc46b2e5da6caaf06ecc3155 Any computer that has this package installed or running should be considered fully...
Malicious code in truelayer-service (npm)
The package truelayer-service was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc9900a38cc6f7543f01f0f226e5ac0ddf01b51bdc46b2e5da6caaf06ecc3155 Any computer that has this package installed or running should be considered fully...
CVE-2024-23838
TrueLayer.NET is the .Net client for TrueLayer. The vulnerability could potentially allow a malicious actor to gain control over the destination URL of the HttpClient used in the API classes. For applications using the SDK, requests to unexpected resources on local networks or to the internet cou...
MAL-2025-1184 Malicious code in truelayer-for-woocommerce (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b29c75990176d19762517dd4d6e52e6c8b1f434a2089b4bfc95fca56e7cd0a3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in truelayer-for-woocommerce (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b29c75990176d19762517dd4d6e52e6c8b1f434a2089b4bfc95fca56e7cd0a3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-23838 TrueLayer.Client SSRF when fetching payment or payment provider
TrueLayer.NET is the .Net client for TrueLayer. The vulnerability could potentially allow a malicious actor to gain control over the destination URL of the HttpClient used in the API classes. For applications using the SDK, requests to unexpected resources on local networks or to the internet cou...
CVE-2024-23838 TrueLayer.Client SSRF when fetching payment or payment provider
TrueLayer.NET is the .Net client for TrueLayer. The vulnerability could potentially allow a malicious actor to gain control over the destination URL of the HttpClient used in the API classes. For applications using the SDK, requests to unexpected resources on local networks or to the internet cou...
PT-2024-20114 · Truelayer · Truelayer.Client +1
Name of the Vulnerable Software and Affected Versions: TrueLayer.Client versions prior to v1.6.0 Description: The issue could potentially allow a malicious actor to gain control over the destination URL of the HttpClient used in the API classes. For applications using the SDK, requests to...
Malicious Package
Overview truelayer-component-library is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if th...