Lucene search
GoogleOSV:MAL-2023-6HistoryApr 27, 2023 - 6:36 a.m.
Malicious code in parallel-workers (npm)
2023-04-2706:36:28
Google
osv.dev
2
malicious code
parallel-workers
npm
domain communication
command execution
7.3 High
AI Score
Confidence
High
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (abf4ac32d4bbbf2bca51efed2166f670c707230f7da2b87c1318cbe8ca9dade1)
The OpenSSF Package Analysis project identified βparallel-workersβ @ 99.99.101 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
- The package executes one or more commands associated with malicious behavior.
| CPE | Name | Operator | Version |
|---|---|---|---|
| parallel-workers | eq | 99.99.101 | |
| parallel-workers | eq | 99.99.99 | |
| parallel-workers | eq | 99.99.98 | |
| parallel-workers | eq | 99.99.100 | |
| parallel-workers | eq | 99.99.104 |
7.3 High
AI Score
Confidence
High