964 matches found
MAL-2023-1435 Malicious code in notsogood (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b089f6e53ae82855fbdcf8b69573b5835bdc0ca9a476056a3fb78f1e85c2a50c The OpenSSF Package Analysis project identified 'notsogood' @ 0.0.2 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1092 Malicious code in @n9xcnr5test/n9xcnr5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 98235bbf40ea66c28973775cba8ead37bb4dc1d8999e5ebf02eb3157d4ba74be The OpenSSF Package Analysis project identified '@n9xcnr5test/n9xcnr5' @ 2001.0.0 npm as malicious. It is considered malicious because: - The...
MAL-2023-1042 Malicious code in yatai-web-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f548d205122fcfcec01de022463ec287546b7367481a1ec5adb29294e452b8f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1188 Malicious code in gp-actions (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0af07f18bec84cba6878dd345ea1281728e0257d285118a40d835d7c9a2985a6 The OpenSSF Package Analysis project identified 'gp-actions' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1164 Malicious code in dox_assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f1c48c355e0ca22767468dec0d14be75c769e6b77c12e7c1a7989c0c6a487287 The OpenSSF Package Analysis project identified 'doxassets' @ 999.99.1 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1192 Malicious code in grizzly_sql_graph_visualization (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 98b80123b8320ae78359836efd59f32caab21e7efffea59f91bfb61b947bbab9 The OpenSSF Package Analysis project identified 'grizzlysqlgraphvisualization' @ 0.2.3 npm as malicious. It is considered malicious because: - T...
Malicious code in wrangler-dev-api-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 61404905188d42181fbf3217b2ebffe91c1328a0cd469718a53faec95f244738 The OpenSSF Package Analysis project identified 'wrangler-dev-api-app' @ 24.12.47 npm as malicious. It is considered malicious because: - The...
MAL-2023-1195 Malicious code in hellodependency2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 17de73fdb52a6a236afb53cd11e4bbf4c7ceb88be0eae16c1a16561d102643b8 The OpenSSF Package Analysis project identified 'hellodependency2' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1088 Malicious code in @metronetinc/react-component-library-next-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d29aaa8c56838993a54df9b7ee45362f439f4b704ca467383c14f4643e2151a9 The OpenSSF Package Analysis project identified '@metronetinc/react-component-library-next-plugin' @ 9.999.8 npm as malicious. It is considered...
MAL-2023-1259 Malicious code in openai-beta (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4ae52243725fa671be1294e1a3747581764b2e74d9c499e0ac249b03676d0dbf The OpenSSF Package Analysis project identified 'openai-beta' @ 99.99.999 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1102 Malicious code in @region-lib/env (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 67b77b57943caead91d57e182b78c1fa7b2c8da43cfe0779be49215fb55734a4 The OpenSSF Package Analysis project identified '@region-lib/env' @ 2000.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1095 Malicious code in @obg/ngx.global (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 88f55cbace2fa2eb2e05fb52cd0e69c6a623b5b977a0d6638853b20fe1dac89f The OpenSSF Package Analysis project identified '@obg/ngx.global' @ 99999.0.0 npm as malicious. It is considered malicious because: - The packag...
MAL-2023-1286 Malicious code in salesforce-ux (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cf2a69a3613a2fc56dfb5d3eb3f2b0289bf2f9c8b0db94caf8d754699c12d175 The OpenSSF Package Analysis project identified 'salesforce-ux' @ 1.6.1 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1321 Malicious code in thentiacloud-angularjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 080925c1a04cb601b6c5a204f7e8db92592ee52721272a7effa1eb5caf5207c8 The OpenSSF Package Analysis project identified 'thentiacloud-angularjs' @ 1.2.0 npm as malicious. It is considered malicious because: - The...
MAL-2023-1220 Malicious code in js-starter-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ac64c737affe45fd76d9899026d4a4d2f775e04e0391693ffcb2dafa665b07c5 The OpenSSF Package Analysis project identified 'js-starter-code' @ 1.1.1 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1288 Malicious code in schweppes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c6413b14065c0dae4dd031864f7a515ead037541f7f74a2907a2d554ebe4e7fe The OpenSSF Package Analysis project identified 'schweppes' @ 1.0.2 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1096 Malicious code in @okcoin-dev/blade (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71645eda002c3a56f041a1c91f7072a640455be1d5bed1cc7cf67fd4c1cff44b The OpenSSF Package Analysis project identified '@okcoin-dev/blade' @ 1.11.33 npm as malicious. It is considered malicious because: - The packag...
Malicious code in angular-mep (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 681355ff3db8d03fa0216e4ff152cb0be7e3cd485423c68fc2d3b33c8feae3a5 The OpenSSF Package Analysis project identified 'angular-mep' @ 1.3.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1132 Malicious code in chain00x_tsrc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5926bd93f4ff900c16d517fa3e4dc243e5a29e79d3fb377b8304df57ab6d347e The OpenSSF Package Analysis project identified 'chain00xtsrc' @ 1.0.5 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1131 Malicious code in chain00x_rce1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2d528fd659506ce3a370f146632641af04a4a41e0c1b4d0e148e48a2b57e8b40 The OpenSSF Package Analysis project identified 'chain00xrce1' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...