Malicious code in cms-ui-views (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 636cafa99151c70813b92018c04a866bf889ce49006e1f029efa7f5facd17639 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-196 Malicious code in cms-ui-views (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 636cafa99151c70813b92018c04a866bf889ce49006e1f029efa7f5facd17639 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview cms-ui-views is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Unauthorized view fragment access in Jenkins

Jenkins uses the Stapler web framework to render its UI views. These views are frequently composed of several view fragments, enabling plugins to extend existing views with more content. Before SECURITY-534 was fixed in Jenkins 2.186 and LTS 2.176.2, attackers could in some cases directly access ...

Improper Access Control

stapler web framework is vulnerable to Improper Access Control. The UI views are frequently comprised of several view fragments, enabling plugins to extend existing views with more content. This vulnerability allows an attacker to directly access a view fragment containing sensitive information,...

CVE-2013-2914

Use-after-free vulnerability in the color-chooser dialog in Google Chrome before 30.0.1599.66 on Windows allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to colorchooserdialog.cc and colorchooserwin.cc in browser/ui/views/...