scaling-palm-tree@0.0.1-security vulnerabilities

security holding package

latest version

0.0.1-security
first published

a year ago
latest version published

a year ago
View scaling-palm-tree package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the scaling-palm-tree package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
C Malicious Package scaling-palm-tree is a malicious package. This instance of the scaling-palm-tree package contains malware and attempts to compromise users by adopting dependency confusion techniques. A dependency confusion attack is a type of supply chain attack where malicious software is inserted into the development process by replacing a legitimate software package with a malicious one. Note: Users are exposed if they've installed the scaling-palm-tree package from public repositories. Installations of this package from private repositories or CDNs are likely safe to use. This package contains malicious code that exfiltrates sensitive user information. These spoofed packages have no relation to the company or project they are attempting to spoof, and are not published by them or associated with them in any way. Out of an abundance of caution, Snyk will mark any occurrence of the package as malicious, regardless of download source. Only the user can determine with certainty whether it is the intended package and can be safely ignored. How to fix Malicious Package? Avoid using all malicious instances of the `scaling-palm-tree` package.	*

Malicious Package

scaling-palm-tree is a malicious package.

This instance of the scaling-palm-tree package contains malware and attempts to compromise users by adopting dependency confusion techniques. A dependency confusion attack is a type of supply chain attack where malicious software is inserted into the development process by replacing a legitimate software package with a malicious one.

Note: Users are exposed if they've installed the scaling-palm-tree package from public repositories. Installations of this package from private repositories or CDNs are likely safe to use.

This package contains malicious code that exfiltrates sensitive user information.

These spoofed packages have no relation to the company or project they are attempting to spoof, and are not published by them or associated with them in any way. Out of an abundance of caution, Snyk will mark any occurrence of the package as malicious, regardless of download source. Only the user can determine with certainty whether it is the intended package and can be safely ignored.

How to fix Malicious Package?

Avoid using all malicious instances of the scaling-palm-tree package.

Go back to all versions of this package

scaling-palm-tree@0.0.1-security vulnerabilities

security holding package

latest version

first published

latest version published

Direct Vulnerabilities