Lucene search
GoogleOSV:MAL-2023-1144HistoryMay 05, 2023 - 4:16 a.m.
Malicious code in confusedatma (npm)
2023-05-0504:16:38
Google
osv.dev
3
malicious code
confusedatma
npm
version 9.9.9
7.1 High
AI Score
Confidence
High
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (5708cd21986870186d2bf74eddcd5583472dd093668db44c4be3d889ce1417df)
The OpenSSF Package Analysis project identified βconfusedatmaβ @ 9.9.9 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
| CPE | Name | Operator | Version |
|---|---|---|---|
| confusedatma | eq | 6.0.0 | |
| confusedatma | eq | 9.9.9 | |
| confusedatma | eq | 4.0.0 |
7.1 High
AI Score
Confidence
High