2 matches found
qrmark-logo (>=1.0.7 <=1.0.8) potentially affected by unknown CVE via components-flexibility (=6.1.25)
components-flexibility NPM version =6.1.25 is affected by a known vulnerability. The following packages have a transitive dependency on components-flexibility and may be impacted: - qrmark-logo =1.0.7, =1.0.8 Source cves: unknown CVE Source advisory: SNYK:JS-COMPONENTSFLEXIBILITY-13561387...
Malicious Package
Overview components-flexibility is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...