Spectra Assure
Community
Docs

noblox.js-securev4.2.0

malicious
Research
License: Permissive (MIT)
npm
Homepage
Published: about 1 year ago
A Node.js API wrapper for Roblox.
Fail
Incident: Malware
4 supply chain attack artifacts (Researcher)
Incidents
Type: malwareReported By: ReversingLabs (Researcher) Reported: about 1 year ago
Learn more about malware detection
Type: malwareReported By: Community (OpenSSF)Reported: 3 months ago

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
1 medium severity vulnerabilities
Hardening
No application hardening issues

Threats

Tampering
No evidence of software tampering
Malware
4 supply chain attack artifacts (Researcher)

Issues

See all issues
high
Detected presence of files containing URLs that reside in regions with export restrictions by the European Union.
hunting
high
Detected presence of files containing URLs that link to raw files on GitHub.
hunting
high
Detected presence of malicious files through analyst-vetted file reputation.
threats
high
Detected presence of known software supply chain attack artifacts.
threats
medium
Detected presence of medium severity vulnerabilities.
vulnerabilities

Behaviors

See all behaviors
Contains URLs that link to raw files on GitHub.
network
Contains URLs that reside in regions sanctioned by the European Union.
network
Calculates the MD5 hash of data.
file
Enumerates files in a given directory.
search
Queries the value of an environment variable.
search

Vulnerabilities

critical0
high0
medium1
low0

Downloads

N/A
Recorded Downloads Since 2021

Maintenance

1
Maintainer

Dependencies

10
Declared Dependencies

Dependents

0
Dependents

Issues per Version Graph

Scanned 10 days ago