18 matches found
MAL-2026-3509 Malicious code in pp-react-v5 (npm)
pp-react-v5 is a dependency confusion package published at the inflated version 10.0.0 to win npm resolution over any internally-hosted package of the same name. The package contains only a package.json with no functional source code. On installation the preinstall script executes a wget command...
Malicious code in pp-react-v5 (npm)
pp-react-v5 is a dependency confusion package published at the inflated version 10.0.0 to win npm resolution over any internally-hosted package of the same name. The package contains only a package.json with no functional source code. On installation the preinstall script executes a wget command...
Malicious code in pp-react-theme (npm)
The package pp-react-theme was found to contain malicious code...
MAL-2025-45583 Malicious code in pp-react-theme (npm)
The package pp-react-theme was found to contain malicious code...
MAL-2025-45582 Malicious code in pp-react-country-input (npm)
The package pp-react-country-input was found to contain malicious code...
Malicious code in pp-react-country-input (npm)
The package pp-react-country-input was found to contain malicious code...
MAL-2025-42129 Malicious code in pp-react-grid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71193da54e6cdc258489d02db5987830a3bc147cbf9b43236f5757cab04f9c73 The OpenSSF Package Analysis project identified 'pp-react-grid' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in pp-react-grid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71193da54e6cdc258489d02db5987830a3bc147cbf9b43236f5757cab04f9c73 The OpenSSF Package Analysis project identified 'pp-react-grid' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-42130 Malicious code in pp-react-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cb754d012bc21065e6e4e5d42668a8b226bb1c18d2f8ef04c9ce6a2a8b9f1c47 The OpenSSF Package Analysis project identified 'pp-react-icons' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in pp-react-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cb754d012bc21065e6e4e5d42668a8b226bb1c18d2f8ef04c9ce6a2a8b9f1c47 The OpenSSF Package Analysis project identified 'pp-react-icons' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2025-29564 Malicious code in pp-react (npm)
The package pp-react was found to contain malicious code...
Malicious code in pp-react-l10n (npm)
The package pp-react-l10n was found to contain malicious code...
Malicious code in pp-react (npm)
The package pp-react was found to contain malicious code...
MAL-2025-29565 Malicious code in pp-react-l10n (npm)
The package pp-react-l10n was found to contain malicious code...
Malicious code in pp-react-content-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e8280f253e75704177d57797625fe0d81836b0ae85c09ebbc58cdbec1b2a5b4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1621 Malicious code in pp-react-content-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e8280f253e75704177d57797625fe0d81836b0ae85c09ebbc58cdbec1b2a5b4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5434 Malicious code in pp-react-buttons (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 000ff8cda66b7a099f0780508fa3aa26f9c586ea54c2ec040c448b46ba5e8a97 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pp-react-buttons (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 000ff8cda66b7a099f0780508fa3aa26f9c586ea54c2ec040c448b46ba5e8a97 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...