5 matches found
Malicious code in license-o-matic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ce44db24a3d6b239882af3df83b529d0110d58680c77d244af2553ac9436085 The package license-o-matic was found to contain malicious code. Source: ghsa-malware 49c52a247d555acb52bb022b38b85269d3d53c968f4702b205402846d92a18b...
EUVD-2025-199228
Malicious code in license-o-matic npm...
MAL-2025-191123 Malicious code in license-o-matic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ce44db24a3d6b239882af3df83b529d0110d58680c77d244af2553ac9436085 The package license-o-matic was found to contain malicious code. Source: ghsa-malware 49c52a247d555acb52bb022b38b85269d3d53c968f4702b205402846d92a18b...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
@langri-sha/projen-license (>=0.1.0 <=0.3.3), @langri-sha/projen-project (>=0.9.0 <=0.17.0) potentially affected by unknown CVE via license-o-matic (=1.2.0)
license-o-matic NPM version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on license-o-matic and may be impacted: - @langri-sha/projen-license =0.1.0, =0.9.0, =0.17.0 Source cves: unknown CVE Source advisory: SNYK:JS-LICENSEOMATIC-14103652...