964 matches found
MAL-2025-46916 Malicious code in monolith-twirp-registrymetadata-core (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9126904a0142c25fc3bffb7bb0d13eb5497f64bd39d2006b73cd1b6376fe2544 The OpenSSF Package Analysis project identified 'monolith-twirp-registrymetadata-core' @ 1.14.3 rubygems as malicious. It is considered maliciou...
MAL-2025-46906 Malicious code in egress (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ee02802f5d94f135856b832109948906e7a3a39fbea753561a4d518a1d4e889f The OpenSSF Package Analysis project identified 'egress' @ 1.68.g52b0cd0 rubygems as malicious. It is considered malicious because: - The packag...
MAL-2025-41820 Malicious code in openmct-e2e (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 929c26f533affbdfe0c09be2dff86f393cae1b379f25ce110aa61a1a27f473fb The OpenSSF Package Analysis project identified 'openmct-e2e' @ 10.0.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in @flight-common/models (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c5af2423bce8f82ab3bebfecba472bdcc04805388481ec19e96c245ca48ccd3b The OpenSSF Package Analysis project identified '@flight-common/models' @ 1.2.9213 npm as malicious. It is considered malicious because: - The...
MAL-2025-42122 Malicious code in @flight-common/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 10b5cb816f030297707c6e9ae79f7916de698fd58c8b068b18ef716c7425240b The OpenSSF Package Analysis project identified '@flight-common/components' @ 1.2.9213 npm as malicious. It is considered malicious because: - T...
Malicious code in eslint-9 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7b6f571e9facdadc164a1e0a5ed2a298a233bbc3138ef7df78bae9d0a3d588a4 The OpenSSF Package Analysis project identified 'eslint-9' @ 99.0.9 npm as malicious. It is considered malicious because: - The package...
Malicious code in @navancorp/ta-travel (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 475cb3266e9f473c951bb35f87e31b76f08d312ee1916977eb7a125f339f7b7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @navify-platform/i18n (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 306d60012db44c48b4e577372019b8171e2eb15c6cfb80a9c1e5eb7df32149de The OpenSSF Package Analysis project identified '@navify-platform/i18n' @ 1.2.0 npm as malicious. It is considered malicious because: - The...
MAL-2025-6895 Malicious code in commonweb-setup (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0c019e3086bf1cec9b859c8fe048187fc7cf6dc866de93fbd0ff2182b3e4fc0a The OpenSSF Package Analysis project identified 'commonweb-setup' @ 10.11.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6806 Malicious code in react-native-kraken-oauth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6dd9f629078cdad7b927b9f85f1d8b3a5d381a6009e08c65eafca6272b20cbf2 The OpenSSF Package Analysis project identified 'react-native-kraken-oauth' @ 1.0.1 npm as malicious. It is considered malicious because: - The...
MAL-2025-6805 Malicious code in nodejs-with-singlestore-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2dfae81e2129cf717fbae5a22ecd1938d1ea741de0968e42d5363363d6ea2dfe The OpenSSF Package Analysis project identified 'nodejs-with-singlestore-demo' @ 1002.0.1 npm as malicious. It is considered malicious because: ...
MAL-2025-6798 Malicious code in google-webfonts-helper (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ba7d8c4c4151033fdccecb7ed439075f6c8eb39490462dd7b25aac68d2a22482 The OpenSSF Package Analysis project identified...
MAL-2025-6796 Malicious code in lynx-libs-mono (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7dcde725ba12b559bfd1e62b8d6058ced4b0a5ed11b9f168f8f6f576b42ef801 The OpenSSF Package Analysis project identified 'lynx-libs-mono' @ 1.0.10 npm as malicious. It is considered malicious because: - The package...
Malicious code in htmlcontent (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4aa1c1ab3630fc2aad076dcc5fd9b2205ba7e1079410b1de1b6a757690fdd2b1 The OpenSSF Package Analysis project identified 'htmlcontent' @ 3.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6792 Malicious code in htmlcontent (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4aa1c1ab3630fc2aad076dcc5fd9b2205ba7e1079410b1de1b6a757690fdd2b1 The OpenSSF Package Analysis project identified 'htmlcontent' @ 3.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6791 Malicious code in powerbi-visuals-powerkpi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1708aa2b758d41b3666672f4afb039a73cdfa12345a815feb095ca94f0fcf900 The OpenSSF Package Analysis project identified 'powerbi-visuals-powerkpi' @ 9.0.1 npm as malicious. It is considered malicious because: - The...
MAL-2025-6700 Malicious code in bp-console-fe-sg (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 521bbcab75dfeaca681fe4eedeb12dcfbe52f54514441c4c397cf234030ca4e1 The OpenSSF Package Analysis project identified 'bp-console-fe-sg' @...
MAL-2025-6676 Malicious code in undeface-test-2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 69c9b501034a030dc669fcc1ae2026db2508367cac00b2b2b7e4d8df0a78ad7e The OpenSSF Package Analysis project identified 'undeface-test-2' @ 9.9.9 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6737 Malicious code in newrelic-scheduler (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 283d0b11edc13929f769d9072e403ef35901c2c26167edbfadb2573cbadaa850 The OpenSSF Package Analysis project identified 'newrelic-scheduler' ...
MAL-2025-6674 Malicious code in undeface-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cb90f4f82fed4d59ca2dcb3a39b4b93866778f4f52ae780393bdcf08e389be03 The OpenSSF Package Analysis project identified 'undeface-test' @ 9.9.9 npm as malicious. It is considered malicious because: - The package...