Cx0805b703-029a @ Ios-ABTextFieldAnimations:ABTextFieldAnimations-0.2.1

[cxronen]

Vulnerable Package issue exists @ Ios-ABTextFieldAnimations:ABTextFieldAnimations-0.2.1 in branch main

This package is being consumed by an old name:

github.com/abhishaker17/abtextfieldanimations

And should be replaced using the new name:

github.com/n0shake/spork

About

ChainJacking allows attackers to take control over renamed GitHub repositories and by that hijack open-source packages, potentially serving malicious code from them.

Package managers often allow users to consume packages' code directly from version control systems such as GitHub. Several package managers rely on that practice as their primary way to serve code. Hence. an attacker gaining control over the right GitHub repository can infect the relevant open-source package.

Any package storing its code in a renamed GitHub repository is vulnerable to this attack.

Namespace: cxronen
Repository: AST_BookStore
Repository Url: https://github.com/cxronen/AST_BookStore
CxAST-Project: cxronen/AST_BookStore
CxAST platform scan: 1dfa7500-ca95-4ace-923f-3cf597ff6d1c
Branch: main
Application: AST_BookStore
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: ChainJacking

---

Additional Info