342 matches found
Autodesk Fusion 跨站脚本漏洞
Autodesk Fusion is a data management software platform developed by Autodesk, Inc. in the United States. Autodesk Fusion has a cross-site scripting vulnerability, which stems from malicious HTML payloads in variant names. This vulnerability may lead to stored-cross-site scripting attacks, allowin...
DEBIAN-CVE-2026-1525
Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names e.g., Content-Length and content-length. This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire. Who is impacted: Applications...
CVE-2026-1525
Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names e.g., Content-Length and content-length. This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire. Who is impacted: Applications...
CVE-2026-1525
Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names e.g., Content-Length and content-length. This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire. Who is impacted: Applications...
Malicious code in csv-dysonswarm-aether-optimize-css-assets-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36bf85dcddcc722b3f545730fed6924d3f05fa5adac9e83f9ea4111f99186498 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in colors-request-xo-xerxes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1498b0185b55cab24bef95e606502bbbd2afbfe23c40d14a9b5f91cec7b05faf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in aquarius-relay-pulsar-eslint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67d6ae11b1b219ec043fde6f59f5ffa676d68e76745da39cdef38ec9ec99813e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188675 Malicious code in phoebe-react-bootstrap-heliophysics-nebula (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68274b408b6fb2382a5f5a2aa275eed20c2fe6bf4f3a8f6a33645d810c97545f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in zeta-cold-notify-fire-easy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77229f2590e999b50f84151be215aed98544f5d472493de435539a1fb1794260 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189969 Malicious code in transform-semantic-ui-eleventy-phoebe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ffc4d6e7b72b0aaa2abde280bb586981de8ed65cc2174a163599fb04f6fa777 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cypress-enif-robotics-miranda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b49d84ee8d80414f9e2624545178e0888e208b9cbdcff9007d1a5f97bbb230c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188803 Malicious code in prettier-plugin-markdown-joviology-style-loader-zooarchaeology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 233ad9fd46dd0a7e882c1bfcb9e7285a3b2061a17d83c3b4f4741b2d6cb699bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in gemini-hydrogeology-panspermia-standard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05c40c172857580cc93044c60ee5d17491d6289b26917933d9371df9d2b794e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in helmet-geochronology-rigel-sails (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d371d95824a99bc7c0274912a47abb83388ede4bef9957fd5ccc6581349b5988 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188391 Malicious code in octans-parallax-webdriverio-innercore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 496d68bf6fa75d4bf755d7036f37d3f9dad648ed79afb38a982a3114a2ebd9c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188863 Malicious code in promise-selenium-bellatrix-mysql (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 192014beffa1439654661cdd153d050d1b59764db49ed8256a5b6630ebbe3556 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in avangs-olium-nit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac6fefa9955600e941537932e80a519b59980014f675284e452ebddeb64496bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-181691 Malicious code in astam-ifukst-daiusikiula (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de04f3bb88fc6fe6490d2a9e797069b73eee4895c6354c48ac131e32aa04f85e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184570 Malicious code in odasv-kinu-bivoycaguab (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75096712af21cf752b3bb449e809114725f30884728e3731b17a5da25401f16b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184019 Malicious code in mitoko-on-lakiuoaba (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 225b2353cea9215f68e8a667b46d8901d5e942d488fa78ea6a9a08a40fdd44a5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...