THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
Risk score
92
AI summary
Indexed incident for editorial-code (npm).
Description
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (d7404afc131a113ef01d7eb896439a8719bb0f1b8d67e491d53321fdd5981e97)
The OpenSSF Package Analysis project identified 'editorial-code' @ 99.0.1 (npm) as malicious.
It is considered malicious because:
- The package executes one or more commands associated with malicious behavior.
Technical details
Affected versions
<function fixed() { [native code] }
Indicators
- affected_version<function fixed() { [native code] }75%
Timeline
- Advisory published
- Indexed by ThreatPkg
Related incidents
- Malicious code in @polka-ui/config (npm)@polka-ui/config92
- Malicious code in mse-authentication (npm)mse-authentication92
- Malicious code in editorial-mse-authentication-ui (npm)editorial-mse-authentication-ui92
- Malicious code in saturn-bail (npm)saturn-bail92
- Malicious code in metricflow-tracker (npm)metricflow-tracker92