3 matches found
Malicious code in skyscanner-themes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4e80c6a572898c77cc6e5b4c0266cc4805778ec35102f514669accd32b0664f0 The OpenSSF Package Analysis project identified 'skyscanner-themes' @ 5.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1297 Malicious code in skyscanner-themes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4e80c6a572898c77cc6e5b4c0266cc4805778ec35102f514669accd32b0664f0 The OpenSSF Package Analysis project identified 'skyscanner-themes' @ 5.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious Package
Overview skyscanner-themes is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...