138 matches found
MAL-2024-11171 Malicious code in readium-css (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e052a1c3b7fcfedb0cee689603d30bf043df8eebeff0146be74a4b0e218d62a0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10724 Malicious code in evocateur_libpnpmpublishing (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2a0da80461a0fbbd51af9f1ef2a02e83a2b2b49fe352e262ee2c90bdd03b2359 The OpenSSF Package Analysis project identified 'evocateurlibpnpmpublishing' @ 99.3.5 npm as malicious. It is considered malicious because: - Th...
Malicious code in @sportdigi/bootstrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 606eac7e59a098b487b61377214416850ff371fc507eb544c97622670ff87dc8 The OpenSSF Package Analysis project identified '@sportdigi/bootstrapper' @ 12.1.2 npm as malicious. It is considered malicious because: - The...
MAL-2024-10629 Malicious code in hodkasia01 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9fb637e3836cd2591e09eb9f418dd4a919c7fae2c9ba94291565e186d6634e3a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in modlog-archive (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3bc2d1d981039b25af543c99dcd5081c70b24b7ee9c3eb7d68b3c96003bd4a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in embrace-helloworld (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27c1c70726566294b9958ec5ab9d3af0e2d5e1c3dc9451f07055c6b650bfbd50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in oneui.angular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bbff39f683b1b6c064ebc065aae50d8fd4123b1b53b7f90bed51db2d19562a6e The OpenSSF Package Analysis project identified 'oneui.angular' @ 99.99.99 npm as malicious. It is considered malicious because: - The package...
Malicious code in @sixsense/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0f021d4dc50ebf01ce5a1613889fcaddc92acd07499b0c461b306a6ad5407442 The OpenSSF Package Analysis project identified '@sixsense/core' @ 1.0.4 npm as malicious. It is considered malicious because: - The package...
MAL-2024-9211 Malicious code in manoj-app-css-alt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0c88dab3b32782f38a2c1b962d842f1c4c52400df0c5622d73f4989ebc8381f6 The OpenSSF Package Analysis project identified 'manoj-app-css-alt' @ 9.1.1 npm as malicious. It is considered malicious because: - The package...
MAL-2024-9098 Malicious code in m-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57e450947ea7b047b2ac4e80c9e97314a41934d654cf6a821829a0bf9d51c521 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in axp-product-ducks (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5285fb9646b0435fb4ae3204b5975277243e149fc95c187c5c65e2fa0609389e The OpenSSF Package Analysis project identified 'axp-product-ducks' @ 30.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-8955 Malicious code in storj-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c29c7e82f958f9ed89af6fc324d687bfe4e15d4b2aa49fee39f5aeeb4eee5583 The OpenSSF Package Analysis project identified 'storj-docs' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in @live-backstage/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59a85f5255ffeaed2480c5affaf5967984d6b21631800dee033bd1c44c762ce5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in byted-cg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 90e251b9f3c49de738ecec6d31759290c20383f748735d901d797110fd1b6fb2 The OpenSSF Package Analysis project identified 'byted-cg' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-7836 Malicious code in health-check-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ef9d93b4469df4d458d4c4a226b45fa7baf7760a84cd3d8b5fc84fb990e0e6ba The OpenSSF Package Analysis project identified 'health-check-nodejs' @ 3.16.1 npm as malicious. It is considered malicious because: - The packa...
MAL-2024-7599 Malicious code in sap-balance (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 30cd940ca221a7d39311880e508f74779101c1ae9751beb4fa648abb2b0a6266 The OpenSSF Package Analysis project identified 'sap-balance' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-7582 Malicious code in sap-authorid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 09914638ace6a85961e1642543b20472ba7751ceeb7287075487e360881c1ff3 The OpenSSF Package Analysis project identified 'sap-authorid' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-7482 Malicious code in secnav (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a9e8a7599691831cd3f6a1111dfd17e5b50219d9eabcfffa1ff08edb10be6d8c The OpenSSF Package Analysis project identified 'secnav' @ 69.69.69 npm as malicious. It is considered malicious because: - The package...
MAL-2024-1667 Malicious code in @wdp-gov/lineage-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b30855ea8cc386194da24bd8f34fefc9372384eef6482801222bd4b23fa7a172 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1628 Malicious code in rb-info-banner (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 795c3e45bb638b1058118c99f65db4e6f84244a2af7acbb4d6bd09a19b94dca6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...