Malicious Package

Overview react-jesting-library is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Malicious Package

Overview react-datepicker-docs is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Malicious Package

Overview react-ldclient-default-values is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...

Malicious Package

Overview react-native-performance-monorepo is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable...

Malicious Package

Overview react-swipeable-wrapper-example is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable i...

Malicious Package

Overview react-video-live-demo is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Malicious Package

Overview react-table-v7 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...

Malicious Package

Overview react-table-types is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

Malicious Package

Overview @react-native-tscodegen/tslint-shared is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only...

Malicious Package

Overview uitk-react-rating is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

Malicious Package

Overview react-dom-router-old is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Malicious Package

Overview @uc-maps/boundaries-core.react is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...

react-native-url-preview (=1.1.9), react-native-url-preview-tgp (=1.1.9) +1 more potentially affected by CVE-2022-25876 via link-preview-js (>=2.0.4 <=2.1.13)

link-preview-js NPM version =2.0.4, =2.1.4, =2.2.0 Source cves: CVE-2022-25876 Source advisory: SNYK:JS-LINKPREVIEWJS-2933520...

MAL-2022-555 Malicious code in @react-native-tscodegen/tslint-shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e2920511a6030acb6748a13dce7281e827a19c4c2e46c876e98887d428d3717 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in toolbox-react-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80bd5635a411f906576afb9ea138bba8e2255f7b8b726a44f8ce36c026532850 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in auth0-react-03-calling-an-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2054a240d41b52df55824d18483423f9d15242ac4ecec94d5557ae88d1350a25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1176 Malicious code in auth0-react-03-calling-an-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2054a240d41b52df55824d18483423f9d15242ac4ecec94d5557ae88d1350a25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in isomsorphic-react-dom (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af5cb42b8400c90362f3b20685e648e98824dfcbfb667b1af00eba3754bdd507 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3969 Malicious code in isomsorphic-react-dom (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af5cb42b8400c90362f3b20685e648e98824dfcbfb667b1af00eba3754bdd507 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in uitk-react-cards (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9965bbd837fd0acf75ec3df445f665c925c79dfccaa53f0ac34b59b933ab2011 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...