Lucene search
GoogleOSV:MAL-2024-131HistoryJan 18, 2024 - 5:30 a.m.
Malicious code in pd-ui-kit (npm)
2024-01-1805:30:41
Google
osv.dev
3
malicious activity
package analysis
npm
domain communication
command execution
security issue
7.3 High
AI Score
Confidence
High
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (b46ebcb2f76102916a1ab764b5af360b8c6cdd1dc56a269538132bcc4e307983)
The OpenSSF Package Analysis project identified βpd-ui-kitβ @ 1.5.1 (npm) as malicious.
It is considered malicious because:
-
The package communicates with a domain associated with malicious activity.
-
The package executes one or more commands associated with malicious behavior.
7.3 High
AI Score
Confidence
High