MAL-2025-191006 Malicious code in react-native-websocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f48d8c015af60bd1c1cbe48b9005dbbde091d8abc3763d25544d978b8b133094 The package react-native-websocket was found to contain malicious code. Source: ghsa-malware...

Malicious code in react-native-websocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f48d8c015af60bd1c1cbe48b9005dbbde091d8abc3763d25544d978b8b133094 The package react-native-websocket was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199037

Malicious code in react-native-websocket npm...

@digifox/providers (=5.0.3), @wowpay/react-native-sdk (>=1.0.3 <=1.0.21) +3 more potentially affected by unknown CVE via react-native-websocket (=1.0.2)

react-native-websocket NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on react-native-websocket and may be impacted: - @digifox/providers =5.0.3 - @wowpay/react-native-sdk =1.0.3, =1.0.0, =1.0.0, =1.0.0, =1.0.2 Source cves: unknown CVE...

@digifox/providers (=5.0.3), @wowpay/react-native-sdk (>=1.0.3 <=1.0.21) +3 more potentially affected by unknown CVE via react-native-websocket (=1.0.2)

react-native-websocket NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on react-native-websocket and may be impacted: - @digifox/providers =5.0.3 - @wowpay/react-native-sdk =1.0.3, =1.0.0, =1.0.0, =1.0.0, =1.0.2 Source cves: unknown CVE...