Malicious Package The advisory has been revoked - it doesn't affect any version of package dtautodev_web (opens in a new tab)
Threat Intelligence
Exploit Maturity
Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
Proof of Concept
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-JS-DTAUTODEVWEB-3252561
- published29 Jan 2023
- disclosed29 Jan 2023
- creditSnyk Research Team
Introduced: 29 Jan 2023
Malicious CVE NOT AVAILABLE CWE-506 (opens in a new tab)Common Weakness Enumeration (CWE) is a category system for software weaknesses
Amendment
This was deemed not a vulnerability.
Overview
dtautodev_web is a malicious package. Note: This package was uncovered by one of Snyk's automated algorithms, and was since confirmed to be a proof-of-concept package uploaded by a researcher. It has been removed from the ecosystem and does not pose a threat.