CNNVD-202509-1125 Information

CNNVD ID

CNNVD-202509-1125

Related CVE

CVE-2025-59039

• CNNVD Published: 2025-09-09

Description (Chinese)

Prebid Universal Creative是Prebid开源的一个接口软件。 Prebid Universal Creative 1.17.3版本存在安全漏洞，该漏洞源于npm包被植入恶意代码，可能干扰加密货币交易。

Description (English)

Prebid Universal Creative is an interface software for Prebid open source. There is a security loophole in the Prebid Universal Creative 1.173 version, which stems from the implantation of a npm package into a malicious code that could interfere with encrypted currency transactions.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

pretalx

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/prebid/prebid-universal-creative/security/advisories/GHSA-m662-56rj-8fmm https://www.sonatype.com/blog/npm-chalk-and-debug-packages-hit-in-software-supply-chain-attack https://access.redhat.com/security/cve/cve-2025-59039