Spectra Assure
Community
Docs

ng2-file-uploadv8.0.3

latest
removed
malicious
Copy SHA256
License: Permissive (MIT)
npm
Homepage
Published: about 1 month ago
Angular file uploader
Fail
Incident: Malware
4 supply chain attack artifacts
Incidents
Type: malwareReported By: Community (Socket)Reported: about 1 month ago
More info
Type: malwareReported By: Community (StepSecurity)Reported: about 1 month ago
More info
Type: malwareReported By: Community (Semgrep)Reported: about 1 month ago
More info
Type: malwareReported By: Community (GitHub Advisory)Reported: 30 days ago
More info
Type: malwareReported By: ReversingLabs (Researcher) Reported: 29 days ago
Learn more about malware detection
Type: malwareReported By: Community (Aikido)Reported: 29 days ago
More info
Type: malwareReported By: Community (OpenSSF)Reported: 29 days ago
More info
Type: malwareReported By: Community (Wiz)Reported: 29 days ago
More info
Type: malwareReported By: Community (Checkmarx)Reported: 28 days ago
More info
Type: malwareReported By: Community (Sonatype)Reported: 28 days ago
More info
Type: removalReported By: Community

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
No known vulnerabilities detected
Hardening
No application hardening issues

Threats

Tampering
1 components prone to hijacking
Malware
4 supply chain attack artifacts

Issues

See all issues
high
Detected presence of known software supply chain attack artifacts.
threats
high
Detected presence of malicious files through analyst-vetted file reputation.
threats
high
Detected presence of files containing domains used for intercepting and inspecting HTTP requests.
hunting
high
Detected presence of software components that were removed from the public package repository.
hunting
medium
Detected presence of files with behaviors commonly used by malicious software.
hunting

Behaviors

See all behaviors
Enumerates an environment variable that holds an Amazon Web Services (AWS) session token.
search
Enumerates an environment variable that holds an Amazon Web Services (AWS) secret access key.
search
Enumerates an environment variable that holds an Amazon Web Services (AWS) access key.
search
Might contain potentially obfuscated code or data.
anomaly
Enumerates an environment variable that holds an Amazon Web Services (AWS) web identity token location.
search

Vulnerabilities

critical0
high0
medium0
low0

Downloads

19.59M
Recorded Downloads Since 2021

Contributions

4
Contributors

Dependencies

3
Declared Dependencies

Dependents

533
Dependents