Lucene search

K
osvGoogleOSV:MAL-2024-1382
HistoryMay 24, 2024 - 7:45 p.m.

Malicious code in cst-web-chat (npm)

2024-05-2419:45:53
Google
osv.dev
3
malicious code
cst-web-chat
openssf
package analysis
npm

7.1 High

AI Score

Confidence

High


-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (d63325ebdbf1c74d7cc5b1900804d59ba11882efb8796b209b0c5b572d4844a2)

The OpenSSF Package Analysis project identified β€˜cst-web-chat’ @ 3.3.7 (npm) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.
CPENameOperatorVersion
cst-web-chateq3.3.7

7.1 High

AI Score

Confidence

High