Spectra Assure
Community
Docs

got-fetchv5.1.12

latest
removed
malicious
Copy SHA256
License: Permissive (MIT)
Repository
npm
Homepage
Published: 2 months ago
A fetch-compatible interface to the got HTTP client
Fail
Incident: Malware
1 supply chain attack artifacts
Incidents
Type: malwareReported By: Community (Bleeping Computer)Reported: 2 months ago
More info
Type: malwareReported By: ReversingLabs (Researcher) Reported: 2 months ago
Learn more about malware detection
Type: malwareReported By: Community (OpenSSF)Reported: 2 months ago
More info
Type: malwareReported By: Community (Checkmarx)Reported: 2 months ago
More info
Type: malwareReported By: Community (Socket)Reported: 2 months ago
More info
Type: removalReported By: Community

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
1 severe vulnerabilities exploited
Hardening
2 low priority mitigations absent

Threats

Tampering
1 malware-like behaviors found
Malware
1 supply chain attack artifacts

Issues

See all issues
high
Detected presence of software components that were removed from the public package repository.
hunting
high
Detected presence of files with behaviors that match the infostealer malware profile.
hunting
high
Detected presence of high severity vulnerabilities.
vulnerabilities
high
Detected presence of malware-exploited vulnerabilities.
vulnerabilities
high
Detected presence of severe vulnerabilities with active exploitation.
vulnerabilities

Behaviors

See all behaviors
Deletes files in Windows system directories.
file
Contains common certificate strings.
settings
Encrypts or encodes files and other data using the Windows Cryptography API.
file
Executes files during installation or upon launch.
execution
Checks operating system version.
search

Vulnerabilities

critical0
high1
medium2
low0

Downloads

3.02M
Recorded Downloads Since 2021

Contributions

1
Contributor

Dependencies

1
Declared Dependencies

Dependents

15
Dependents