See the full list of npm packages compromised in the "SHA1-Hulud npm supply chain incident – Nov 2025" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
| VULNERABILITY | AFFECTS | TYPE | PUBLISHED |
|---|---|---|---|
| upx<4.0.2-r0 | alpine:3.23 | 4 Dec 2025 |
| thunderbird<78.6.1-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| xpdf<4.05-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| xwayland<21.1.4-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.31-r0 | alpine:3.23 | 4 Dec 2025 |
| xpdf<4.03-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.33-r0 | alpine:3.23 | 4 Dec 2025 |
| upx<4.0.0-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.30.2-r3 | alpine:3.23 | 4 Dec 2025 |
| thunderbird<78.6.1-r0 | alpine:3.23 | 4 Dec 2025 |
| xwayland<24.1.7-r0 | alpine:3.23 | 4 Dec 2025 |
| upx<4.0.2-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| yelp<42.2-r5 | alpine:3.23 | 4 Dec 2025 |
| xpdf<4.05-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| trafficserver9<9.2.3-r0 | alpine:3.23 | 4 Dec 2025 |
| xorg-server<21.1.19-r0 | alpine:3.23 | 4 Dec 2025 |
| xwayland<24.1.6-r0 | alpine:3.23 | 4 Dec 2025 |
| zoneminder<1.36.7-r0 | alpine:3.23 | 4 Dec 2025 |
| ytnef<1.9.3-r1 | alpine:3.23 | 4 Dec 2025 |
| yt-dlp<0-r0 | alpine:3.23 | 4 Dec 2025 |
| zabbix<5.4.9-r1 | alpine:3.23 | 4 Dec 2025 |