8 matches found
EUVD-2025-176477
Malicious code in secure-phi-web-yaml-socket npm...
EUVD-2025-175620
Malicious code in web-yaml-analyze-finally-short npm...
MAL-2025-31285 Malicious code in query-sudo-web-yaml-iota (npm)
The package query-sudo-web-yaml-iota was found to contain malicious code...
Malicious code in awk-serialize-upsilon-web-yaml (npm)
The package awk-serialize-upsilon-web-yaml was found to contain malicious code...
Malicious code in query-sudo-web-yaml-iota (npm)
The package query-sudo-web-yaml-iota was found to contain malicious code...
MAL-2025-15219 Malicious code in awk-serialize-upsilon-web-yaml (npm)
The package awk-serialize-upsilon-web-yaml was found to contain malicious code...
AZL-41992 CVE-2022-46146 affecting package prometheus-process-exporter for versions less than 0.8.2-1
Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix...
CVE-2022-46146
Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix...