Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cx65afcea4-5e85 @ Npm-event-pubsub-5.0.3 #71

Open
cx-tatianab opened this issue Feb 7, 2023 · 0 comments
Open

Cx65afcea4-5e85 @ Npm-event-pubsub-5.0.3 #71

cx-tatianab opened this issue Feb 7, 2023 · 0 comments
Labels
branch:main Checkmarx CxSCA

Comments

@cx-tatianab
Copy link
Owner

cx-tatianab commented Feb 7, 2023
edited

Vulnerable Package issue exists @ Npm-event-pubsub-5.0.3 in branch main

The Contributor of this package, npm user riaevangelist, previously seen corrupting one of his popular package node-ipc infected with a malicious payload. Read more

About

We recommend freezing this package's version in your manifest file or consider finding an alternative to this package.

Relying on code from an unreliable contributors could damage the integrity of the code built depends on it. There is a risk this package may be corrupted as well in future versions.

Namespace: cx-tatianab
Repository: cxone-advanced-lab
Repository Url: https://github.com/cx-tatianab/cxone-advanced-lab
CxAST-Project: cx-tatianab/cxone-advanced-lab
CxAST platform scan: f48a8601-7787-4317-9a43-352045cff082
Branch: main
Application: cxone-advanced-lab
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: Historical Unreliable User Contribution

Additional Info
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
branch:main Checkmarx CxSCA
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cx-tatianab