138 matches found
Malicious code in testpentesting123xyz (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 36685d552523fa8f2d9de645b437d7cecf143d10232afb786da7ff9d224afc2a The OpenSSF Package Analysis project identified 'testpentesting123xyz' @ 1.0.0 npm as malicious. It is considered malicious because: - The packa...
Malicious code in pinyin-pra (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9b8720c87d902e268ccf6e9db13f00285998cf35b280a6851ef9c3c23b3f0d6b The OpenSSF Package Analysis project identified 'pinyin-pra' @ 1.0.3 npm as malicious. It is considered malicious because: - The package...
Malicious code in by-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bbe17032deb287c69fb57c7e240590cb829a046c49e904b65d01686694636d5b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1332 Malicious code in uidm-react-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 46d06a0532602d59ada5b5296d3344ff79c9be233ff036127aad80ba624e6e95 The OpenSSF Package Analysis project identified 'uidm-react-lib' @ 99.99.1 npm as malicious. It is considered malicious because: - The package...
MAL-2024-1158 Malicious code in u-workflow.module.common.hour-of-week (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa993331c82ce09532f10dfb1eb3586e1a3343188c93733712aad7f47cb49539 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in discord.js-commandv14 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 126e742ca73d1c4cdf2ec98e46c96cef6f7c92d341e8c71305b73c0fcfdb69e9 The OpenSSF Package Analysis project identified 'discord.js-commandv14' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
Malicious code in @ssr-frontend/packages-analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17a895de36109204be95b9aba4154cc6414897889ce21aed3bfa4f0a304b3453 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-60 Malicious code in @neogov/linkanx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 133eddd55383f57d0ee29c0a3eb7343b9118e95d6c54ab71bb75aa457dd5d2d0 The OpenSSF Package Analysis project identified '@neogov/linkanx' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-8686 Malicious code in rechtspraak.insolventies (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1e0d29af84c44aed4e022517fdf4ddc15b112789794ec5460c0e9acb30bd90c6 The OpenSSF Package Analysis project identified 'rechtspraak.insolventies' @ 0.9.0 npm as malicious. It is considered malicious because: - The...
Malicious code in bingoblitz-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ca05a909d0e70b609e4b0b342b303f09e7585d6ff3c890081fb66e42f504db72 The OpenSSF Package Analysis project identified 'bingoblitz-frontend' @ 1.999.0 npm as malicious. It is considered malicious because: - The...
MAL-2023-8556 Malicious code in primarycare (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f127bd23e5c409b4d729767fb6df0fade7da73e67b9bf12303c53330c7970280 The OpenSSF Package Analysis project identified 'primarycare' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in frontend-proctor-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7c6de6a72e79dd5f6e54f1f9659918eeecd369c8ef58849ca2e6dbd611c5ad9d The OpenSSF Package Analysis project identified 'frontend-proctor-utils' @ 4.2.8 npm as malicious. It is considered malicious because: - The...
MAL-2023-7992 Malicious code in pingserver-test.01 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d1b45d47d16b0b11b03d83b5b03c34f73980a4e584b35227fbb1359f69c1bbe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1134 Malicious code in chain00xtest3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d395f073dbbc2c8412d5341657a944edf74e11f1234dc1a97587fc4c3e6028c5 The OpenSSF Package Analysis project identified 'chain00xtest3' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in dragonsense-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b16039afbf251f78d8c6adf4bb07342e8c112167bef9e0749651dacbdaf12c26 The OpenSSF Package Analysis project identified 'dragonsense-config' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1410 Malicious code in spammingsynonym (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97a0609c600ca9bc940340f2595fb41607b5af5c3931f10350bea6aa3c9879ae The OpenSSF Package Analysis project identified 'spammingsynonym' @ 3.0.1 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1369 Malicious code in iiris-new2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c0f584cfefbd98e630ed7a59b892d50d96387e5941f2a09a3543324b1c418396 The OpenSSF Package Analysis project identified 'iiris-new2' @ 1.0.0 pypi as malicious. It is considered malicious because: - The package...
Malicious code in webpack-cli.legacy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 22737261df7f74819a3f3f968e6516db5e37f6621827d6148b290f7650b9992f The OpenSSF Package Analysis project identified 'webpack-cli.legacy' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...