Lucene search
GoogleOSV:MAL-2023-1318HistoryApr 29, 2023 - 3:50 a.m.
Malicious code in testforconfusion (npm)
2023-04-2903:50:56
Google
osv.dev
malicious package
npm
domain communication
7.1 High
AI Score
Confidence
High
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (0463d945d1cd3398ce2594034fd52775ac94fe411f1cc645f88f757522abfc1b)
The OpenSSF Package Analysis project identified βtestforconfusionβ @ 1.1.0 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
| CPE | Name | Operator | Version |
|---|---|---|---|
| testforconfusion | eq | 1.1.0 | |
| testforconfusion | eq | 1.0.0 | |
| testforconfusion | eq | 1.1.1 |
7.1 High
AI Score
Confidence
High