logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

MAL-2024-12168 @swiggy-private/js-utils

Package

Manager: npm
Name: @swiggy-private/js-utils
Vulnerable Version: =1.0.0 || =1.0.1 || =1.0.999999999 || =1.9.9999 || =1.9.999999999 || =1.15.999999999999 || =2.9.999999999 || =2.9.999999999999 || =2.15.999999999999 || =3.9.999999999 || =3.9.999999999999 || =3.10.999999999999 || =3.11.999999999999 || =3.12.999999999999 || =3.13.999999999999 || =3.15.999999999999 || =5.9.9999 || =99.9.9999 || =100.9.9999 || =101.9.9999 || =999.9.9999 || =9999.9.9999 || =9999.99.9999 || =999999.99.9999 || =9999999.99.9999 || =99999999.99.9999 || =99999999.999.9999 || =99999999.10000.9999 || =99999999.10001.9999 || =99999999.10002.9999 || =99999999.10003.9999 || =99999999.10004.9999 || =99999999.10005.9999 || =99999999.10006.9999 || =99999999.10007.9999 || =99999999.10008.9999 || =99999999.10009.9999 || =99999999.10010.9999 || =99999999.10011.9999 || =99999999.10012.9999

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

EPSS: N/A pctlN/A

Details

Malicious code in @swiggy-private/js-utils (npm)

Metadata

Created: 2024-12-30T22:26:23Z
Modified: 2025-02-03T18:38:39Z
Source: https://github.com/ossf/malicious-packages
CWE IDs: ["CWE-506"]
Alternative ID: N/A
Finding: F448
Auto approve: 1