Regular Expression Denial Of Service (ReDoS)

@vue/cli-plugin-pwa is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to unsafe regex handling in the HtmlPwaPlugin component of the Markdown code handler, which can be exploited remotely to degrade performance...

@axeridev/flux-ui (>=0.0.7 <=0.4.3), @bpui/build-cli (=0.0.1) +21 more potentially affected by CVE-2025-5897 via @vue/cli-plugin-pwa (>=3.12.1 <=5.0.8)

@vue/cli-plugin-pwa NPM version =3.12.1, =0.0.7, =0.0.6, =0.0.14, =7.0.0-beta.3, =0.12.0-alpha.0, =0.1.2, =0.1.5, =0.1.5, =0.1.2, =7.0.0-beta.3, =2.0.0, =2.3.8 and more Source cves: CVE-2025-5897 Source advisory: OSV:GHSA-79VF-HF9F-J9Q8...

Malicious code in vue-cli-plugin-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cb4c725718310cb969ec6171fad585bea2b58fc7d4460be6b706cb8529356d7a The OpenSSF Package Analysis project identified 'vue-cli-plugin-lint-staged' @ 9.9.7 npm as malicious. It is considered malicious because: - The...

MAL-2024-11893 Malicious code in vue-cli-plugin-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cb4c725718310cb969ec6171fad585bea2b58fc7d4460be6b706cb8529356d7a The OpenSSF Package Analysis project identified 'vue-cli-plugin-lint-staged' @ 9.9.7 npm as malicious. It is considered malicious because: - The...

Malicious code in vue-cli-plugin-changelog (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11486 Malicious code in vue-cli-plugin-changelog (npm)

--- -= Per source details. Do not edit below this line.=-...