2 matches found
Malicious Package
Overview coveo-101-commerce is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packag...
Malicious code in coveo-101-commerce (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fc0cdf6355009bbf0e2512408fb6f96d5c1febe666618b3aece404301afc171f The OpenSSF Package Analysis project identified 'coveo-101-commerce' @ 3.0.0 npm as malicious. It is considered malicious because: - The package...