4880 matches found
Malicious code in react-native-apollo-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 643d99775fbe5d1e11235967329b1d9bfdd5f173b113db79c998b0ea7f2b7b3c The OpenSSF Package Analysis project identified 'react-native-apollo-devtools' @ 1.0.0 npm as malicious. It is considered malicious because: - T...
Malicious code in hts-open-dex-react-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71bfac5a5597cde45524360e887ab5bed0c9e5b8c5337ac9c0728b677529de56 The OpenSSF Package Analysis project identified 'hts-open-dex-react-ui' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
Malicious code in ecpfs-react-jest-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 32b1e08557df6041c33ac4eaf0ebb0a3cdbc1bebeeb27b97321516cd0772898a The OpenSSF Package Analysis project identified 'ecpfs-react-jest-helpers' @ 2.0.1-v1 npm as malicious. It is considered malicious because: - Th...
MAL-2025-25 Malicious code in ecpfs-react-jest-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 32b1e08557df6041c33ac4eaf0ebb0a3cdbc1bebeeb27b97321516cd0772898a The OpenSSF Package Analysis project identified 'ecpfs-react-jest-helpers' @ 2.0.1-v1 npm as malicious. It is considered malicious because: - Th...
MAL-2025-3 Malicious code in safe-apps-react-sdk (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4844f797621f2cd62b20851643278b7d27cfc2ca46fdd1485383cd7818d5c0a8 Any computer that has this package install...
Malicious code in safe-apps-react-sdk (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4844f797621f2cd62b20851643278b7d27cfc2ca46fdd1485383cd7818d5c0a8 Any computer that has this package install...
Malicious code in safe-react-components (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb053fb51230ded6b594cc92293d5377c31b4b9fd8d47e14e46d824d7e672910 Any computer that has this package install...
MAL-2025-4 Malicious code in safe-react-components (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb053fb51230ded6b594cc92293d5377c31b4b9fd8d47e14e46d824d7e672910 Any computer that has this package install...
MAL-2024-12133 Malicious code in aem-react-spa (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54bb39f84add565409123e2afb033f2b001ab42f9fde0cdb31e4927d222e1419 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in aem-react-spa (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54bb39f84add565409123e2afb033f2b001ab42f9fde0cdb31e4927d222e1419 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in twilio-voice-react-native-reference-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d9657ad82a767c729a41687ce64fc66b8d9727da18bc576e49a6c362582772d0 The OpenSSF Package Analysis project identified 'twilio-voice-react-native-reference-server' @ 1.1.0 npm as malicious. It is considered maliciou...
Malicious code in react-release-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3056b390e6fea55432a197cca0d614e66de98058a3e4b6087a547a66327ee6c5 The OpenSSF Package Analysis project identified 'react-release-manager' @ 1.1.3 npm as malicious. It is considered malicious because: - The...
MAL-2024-12117 Malicious code in react-release-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3056b390e6fea55432a197cca0d614e66de98058a3e4b6087a547a66327ee6c5 The OpenSSF Package Analysis project identified 'react-release-manager' @ 1.1.3 npm as malicious. It is considered malicious because: - The...
Malicious code in react-spring-latest (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4479151acbc242dd9b62ac68197121a3b973d6eb0b58d6a0ac6900f63b9fe1f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12114 Malicious code in react-spring-latest (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4479151acbc242dd9b62ac68197121a3b973d6eb0b58d6a0ac6900f63b9fe1f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-native-simpl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c97d735ebc317ac72a7551682b1498e38aa84ed2e3be90fc979c8c7fedeb8b8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12089 Malicious code in react-native-simpl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c97d735ebc317ac72a7551682b1498e38aa84ed2e3be90fc979c8c7fedeb8b8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12031 Malicious code in react-multer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 876139b096ddb1bf239489a666a6248e65ba5512906c207b40104c7efe2f1616 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-multer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 876139b096ddb1bf239489a666a6248e65ba5512906c207b40104c7efe2f1616 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in hyperion-react-testapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 99a7ef31fe91a90b5e4780028e2f80cfe27e522aa931ce419fa5bed74d0c17fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...