Lucene search
+L

6 matches found

ossf
ossf
added 2026/06/15 3:54 p.m.13 views

Malicious code in nativescript-swisspost-imagepicker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2271ce1525f722f302ee59b9de3270020e6d1aa84d74cc2972cb6ffa34d9a62 package.json declares preinstall: node index.js. On npm install, index.js reads process.env.INITCWD the installing project's working directory, takes...

6.1AI score
Exploits0References2
snyk
snyk
added 2023/03/01 8:18 a.m.4 views

Malicious Package

Overview swisspost is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8CVSS7.1AI score
Exploits0References3
ossf
ossf
added 2023/02/02 7:41 p.m.3 views

Malicious code in swisspost (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74d696737991f359ea326bffe6ff2cc67a2dda5953c0181554663abd6685b024 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
osv
osv
added 2023/02/02 7:41 p.m.6 views

MAL-2023-823 Malicious code in swisspost (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74d696737991f359ea326bffe6ff2cc67a2dda5953c0181554663abd6685b024 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References2
ossf
ossf
added 2022/06/20 8:14 p.m.4 views

Malicious code in swisspost-intranet-header (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1cd9984e1fcab13de30b4ca16437c318886873a9c7f1303d9141f75729d9f01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
osv
osv
added 2022/06/20 8:14 p.m.6 views

MAL-2022-6379 Malicious code in swisspost-intranet-header (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1cd9984e1fcab13de30b4ca16437c318886873a9c7f1303d9141f75729d9f01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder