664 matches found
MAL-2023-1133 Malicious code in chain00xtest2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 80e4a9d4552592ce0f6795c5766700fad9ffb00693e9e153665354e7f4286917 The OpenSSF Package Analysis project identified 'chain00xtest2' @ 1.0.2 npm as malicious. It is considered malicious because: - The package...
MAL-2023-296 Malicious code in dvknpm-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 699740896647f6c3926d3579cb62aaf2d4cb804f000f96f4ad3d049f5c176b13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1319 Malicious code in testipaketti_keketester (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d80c6896d6f1131eb5e9b88ce8f72fdfd575ff8f7666be6c09eccc7e1b13798 The OpenSSF Package Analysis project identified 'testipakettikeketester' @ 1.0.3 npm as malicious. It is considered malicious because: - The...
MAL-2023-1239 Malicious code in mongoose-geojson-schema-2d (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f64dbcc8b994e165e387b83aad34a6af319aafa0fe13b67eb52d8c5fb286e34f The OpenSSF Package Analysis project identified 'mongoose-geojson-schema-2d' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
MAL-2023-1085 Malicious code in @mddsfmsdflm/itemselector (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 88f4e295b9c4b793c8ffbdc4077606b6d5b61c41ab83b85bda2b46680c678174 The OpenSSF Package Analysis project identified '@mddsfmsdflm/itemselector' @ 103.0.9 npm as malicious. It is considered malicious because: - Th...
MAL-2023-602 Malicious code in mintel-react-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0a1835239b54b7888436777e7e123e588fdbf2fe1ca95d9162e6803d5027515e Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
MAL-2023-851 Malicious code in test-op-solhint (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f8f315fe20128ae26be541522255c4eeab47ec166f70e54ca5a2c6cb533ae67 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1420 Malicious code in this-is-malware (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a09f1ea3e612edb3afa0fb412d98d5c1ce03b4303b89288ce84357b49b25a3ac The OpenSSF Package Analysis project identified 'this-is-malware' @ 0.1.0 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1349 Malicious code in yelp-js-error-reporting-init-error-reporting (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b0ef31127203cf701c7aa890cdebf10454c53c989cb98015927e9b62881c7bf6 The OpenSSF Package Analysis project identified 'yelp-js-error-reporting-init-error-reporting' @ 19.20.20 npm as malicious. It is considered...
MAL-2023-1213 Malicious code in int_access_worldpay_sfra (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97111e27f0fa3c0c573ceec6fba991c479ff7517b8043bdce5bb5150aa6644e8 The OpenSSF Package Analysis project identified 'intaccessworldpaysfra' @ 99.19.19 npm as malicious. It is considered malicious because: - The...
MAL-2023-1383 Malicious code in opencv-keras (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1f3dbc8704eb128ec656854e38ccd3c45d1232978eed378bb7711837dddd09bf The OpenSSF Package Analysis project identified 'opencv-keras' @ 17.10.13 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1389 Malicious code in pygame-install (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 93390eea0977ef15ff0c7413e64df5bd99497ea76e9238097ee0b6f4b9862fdd The OpenSSF Package Analysis project identified 'pygame-install' @ 17.14.20 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1391 Malicious code in pygame-pytorch (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c104a6d866e764da7907147cd7def349f360987498156433ef1e11bf4ac2263c The OpenSSF Package Analysis project identified 'pygame-pytorch' @ 3.4.19 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1396 Malicious code in pytorch-pandas (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 21d9172520d87343cf043969211d79bebee861c010da78f947a6464d138a78eb The OpenSSF Package Analysis project identified 'pytorch-pandas' @ 14.19.3 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1400 Malicious code in req-matplotlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 42e8fed5a27a6a36519ad623fa6c33db0f7824fc859500c5f049ec26347c2b3c The OpenSSF Package Analysis project identified 'req-matplotlib' @ 11.2.18 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1401 Malicious code in req-os (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a4c774c66c886693b125c705573bcf15587bb2320aec1b977d51399406abb433 The OpenSSF Package Analysis project identified 'req-os' @ 20.5.17 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1371 Malicious code in install-pytest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c354c0f5dc76b96d0db0745a885c308a97e8edfa82d219fda8c353dd567b43d6 The OpenSSF Package Analysis project identified 'install-pytest' @ 1.12.7 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1160 Malicious code in docs-component-title (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1e4e933240e0533957a39c9132a6925469e069081320949dc198545fd1080a49 The OpenSSF Package Analysis project identified 'docs-component-title' @ 1.2.2 npm as malicious. It is considered malicious because: - The packa...
MAL-2023-167 Malicious code in cfa-styleguide (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5562a6cb1d5f239216be52c28e8d316e8ffe0f490d11978863202a6fcfcbe8bc Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
MAL-2023-1409 Malicious code in smsobfuscate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fa2efc28ecdebc90e41edd50503e199984f68d05cb13edab8b6e8d503d18e75c The OpenSSF Package Analysis project identified 'smsobfuscate' @ 1.0.1 pypi as malicious. It is considered malicious because: - The package...