Vetur-wepy

Problem

Potentially unwanted applications (PUAs) can be considered a risk by some software users. This threat type typically collects private user data, or in more extreme cases, tampers with system security settings. Most threat prevention solutions detect and block PUAs. Software packages that trigger security solution detections also tend to increase the number of support calls and open tickets from users.

Problem

Potentially unwanted applications (PUAs) can be considered a risk by some software users. This threat type typically collects private user data, or in more extreme cases, tampers with system security settings. Most threat prevention solutions detect and block PUAs. Some software dependencies may be optional, and could be installed or downloaded only if a certain pre-defined condition is met. When software dependencies are confirmed to be found within the software package, additional issues might also be reported. Software packages that trigger security solution detections also tend to increase the number of support calls and open tickets from users.

Problem

Software composition analysis has identified a component with one or more known severe vulnerabilities. Available threat intelligence telemetry has confirmed that the reported high or critical severity vulnerabilities are actively being exploited by malicious actors.

Problem

Software composition analysis has identified a component with one or more known vulnerabilities. Available threat intelligence telemetry has confirmed that the reported vulnerabilities are actively being exploited by malicious actors. Malware code that propagates through these vulnerabilities has been created. This increases the chance of automated malware attacks affecting the software component users.

Problem

Software composition analysis has identified a component with one or more known vulnerabilities. Based on the CVSS scoring, these vulnerabilities have been marked as critical severity.

Problem

Data Execution Prevention (DEP/NX) is a vulnerability mitigation option that prevents data from being interpreted as code anywhere within the application. This mitigation protects the application stack, heap and other memory data ranges. Executable files that fail to implement this mitigation expose the user to increased risks of malicious code injection.

Problem

Sensitive executable memory regions should be kept as read-only to protect the integrity of trusted execution code flow paths. Imported function addresses are pointers to the symbols that implement the application-required functionality. If those pointers are changed by malicious code, execution paths can be redirected to unintended locations. Most modern programming language toolchains protect those memory regions appropriately. These issues are commonly reported for outdated linkers and non-compliant executable packing solutions.

Problem

Sensitive executable memory regions should be kept as read-only to protect the integrity of trusted execution code flow paths. Thread local storage (TLS) callbacks are pointers to code initialization and resource release functions. If those pointers are changed by malicious code, execution paths can be redirected to unintended locations. Most modern programming language toolchains protect those memory regions appropriately. These issues are commonly reported for outdated linkers and non-compliant executable packing solutions.

Problem

Software composition analysis has identified a component with one or more known vulnerabilities. Based on the CVSS scoring, these vulnerabilities have been marked as high severity.

Problem

Uniform Resource Locators (URLs) are structured addresses that point to locations and assets on the internet. URLs allow software developers to build complex applications that exchange data with servers that can be hosted in multiple geographical regions. URLs can commonly be found embedded in documentation, configuration files, source code and compiled binaries. One or more embedded URLs were discovered to link to raw files hosted on GitHub. Attackers often abuse popular web services to host malicious payloads. Since code-sharing services URLs are typically allowed by security solutions, using them for payload delivery increases the odds that the malicious code will reach the user. While the presence of code-sharing service locations does not imply malicious intent, all of their uses in a software package should be documented and approved. An increasing number of software supply chain attacks in the open source space leverages the GitHub service to deliver malicious payloads.