corplogger@0.0.1-security vulnerabilities
security holding package
latest version
0.0.1-security
first published
5 months ago
latest version published
5 months ago
Direct Vulnerabilities
Known vulnerabilities in the corplogger package. This does not include vulnerabilities belonging to this package’s dependencies.
Fix vulnerabilities automatically
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
corplogger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship. How to fix Malicious Package? Avoid using all malicious instances of the | * |
corplogger is a malicious package. This is a "dependency confusion" package, which means the package name is based on existing repositories, namespaces, or components, it aims to trick users into downloading the package which contains a malicious code. How to fix Malicious Package? Avoid using all malicious instances of the | * |