failIncident: Malware

Scanned:

ng2-file-upload

latest

removed

malicious

Angular file uploader

License: Permissive (MIT)

Published:

See on npm

SAFE Assessment

Compliance

Licenses

No license compliance issues

Secrets

No sensitive information found

Security

Vulnerabilities

1 high severity vulnerabilities

Hardening

No application hardening issues

Threats

Tampering

1 suspicious application behaviors

Malware

4 supply chain attack artifacts

IMPORTANT: This package had 6 malicious incidents in the last 2 years

Latest malware incident detected:

Version: 7.0.3

INCIDENTS FOR THIS VERSION:

malware

Reported By: Community (Socket)

More info

malware

Reported By: Community (StepSecurity)

More info

malware

Reported By: Community (Semgrep)

More info

malware

Reported By: Community (GitHub Advisory)

More info

malware

Reported By: Community (patlkli)

More info

malware

Reported By: Community (Aikido)

More info

malware

Reported By: Community (OpenSSF)

More info

malware

Reported By: ReversingLabs (Researcher)

See more info on our blog

malware

Reported By: Community (Wiz)

More info

malware

Reported By: Community (Checkmarx)

More info

malware

Reported By: Community (Sonatype)

More info

removal

N/AReported By: Community

List of known vulnerabilities affecting the software package and the components it embeds. Last refreshed on: 2025/12/24

All detected vulnerabilities are fixable

Run the update/upgrade command in your package manager to resolve the detected vulnerabilities

CVSS Score

CVE

Name

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.