Lucene search
+L

5 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:25 p.m.7 views

Malicious code in license-o-matic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ce44db24a3d6b239882af3df83b529d0110d58680c77d244af2553ac9436085 The package license-o-matic was found to contain malicious code. Source: ghsa-malware 49c52a247d555acb52bb022b38b85269d3d53c968f4702b205402846d92a18b...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 10:25 p.m.7 views

EUVD-2025-199228

Malicious code in license-o-matic npm...

6.6AI score
Exploits0References4
OSV
OSV
added 2025/11/24 10:25 p.m.6 views

MAL-2025-191123 Malicious code in license-o-matic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ce44db24a3d6b239882af3df83b529d0110d58680c77d244af2553ac9436085 The package license-o-matic was found to contain malicious code. Source: ghsa-malware 49c52a247d555acb52bb022b38b85269d3d53c968f4702b205402846d92a18b...

6.8AI score
Exploits0References4
Snyk
Snyk
added 2025/11/24 4:24 p.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.9 views

@langri-sha/projen-license (>=0.1.0 <=0.3.3), @langri-sha/projen-project (>=0.9.0 <=0.17.0) potentially affected by unknown CVE via license-o-matic (=1.2.0)

license-o-matic NPM version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on license-o-matic and may be impacted: - @langri-sha/projen-license =0.1.0, =0.9.0, =0.17.0 Source cves: unknown CVE Source advisory: SNYK:JS-LICENSEOMATIC-14103652...

5.5AI score
Exploits0
Rows per page
Query Builder