OSV - Open Source Vulnerabilities

GHSA-rvpw-p7vw-wj3m

npm/@opennextjs/cloudflare

OpenNext for Cloudflare (opennextjs-cloudflare) has a SSRF vulnerability via /_next/image endpoint

24 minutes ago

Fix available
Severity - 7.8 (High)

MAL-2025-4991

npm/azure-pipeline-filter

Malicious code in azure-pipeline-filter (npm)

31 minutes ago

No fix available

MAL-2025-4981

npm/vscode-spring-initializr

Malicious code in vscode-spring-initializr (npm)

15 hours ago

No fix available

MAL-2025-4980

npm/raise-http-server

Malicious code in raise-http-server (npm)

17 hours ago

No fix available

MAL-2025-4979

npm/composer-bin-plugin

Malicious code in composer-bin-plugin (npm)

20 hours ago

No fix available

MAL-2025-4978

npm/buck2_explain

Malicious code in buck2_explain (npm)

yesterday

No fix available

MAL-2025-4977

npm/neuroglancer-rspack-project-source

Malicious code in neuroglancer-rspack-project-source (npm)

yesterday

No fix available

MAL-2025-4976

npm/client-vue3-dev

Malicious code in client-vue3-dev (npm)

yesterday

No fix available

MAL-2025-4975

npm/arc-offsec-header

Malicious code in arc-offsec-header (npm)

yesterday

No fix available

MAL-2025-4974

npm/pipet-code-agent

Malicious code in pipet-code-agent (npm)

yesterday

No fix available

MAL-2025-4971

npm/@glofe/bootstrap

Malicious code in @glofe/bootstrap (npm)

yesterday

No fix available

MAL-2025-4973

npm/juno-autodiscovery-browser

Malicious code in juno-autodiscovery-browser (npm)

yesterday

No fix available

MAL-2025-4972

npm/@glofe/company

Malicious code in @glofe/company (npm)

yesterday

No fix available

MAL-2025-4985

npm/getsourcefile

Malicious code in getsourcefile (npm)

yesterday

No fix available

MAL-2025-4989

npm/symboltotypenode

Malicious code in symboltotypenode (npm)

yesterday

No fix available

MAL-2025-4970

npm/com.google.play.appupdate

Malicious code in com.google.play.appupdate (npm)

yesterday

No fix available