Spectra Assure
Community
Docs
failIncident: Malware
Scanned: 11 days ago

React Native Tools

Artifact:
malicious
key project
Top 1k
License: unknown
Published: 9 months ago
Publisher: msjsdiag
See on Visual Studio Code

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
4 severe vulnerabilities exploited
Hardening
No application hardening issues

Threats

Tampering
No evidence of software tampering
Malware
1 malicious dependencies found

INCIDENTS:

malware
11 days agoReported By: ReversingLabs (Automated)
Learn more about malware detection
List of known vulnerabilities affecting the software package and the components it embeds. Last refreshed on: 2025/10/18
All detected vulnerabilities are fixable
Run the update/upgrade command in your package manager to resolve the detected vulnerabilities
CVSS Score
CVE
Name
Tags
critical
9.8
CVE-2018-16492
Exploits Exist
Fix Available
critical
9.8
CVE-2019-10196
Fix Available
critical
9.1
CVE-2018-3739
Exploits Exist
Fix Available
high
7.5
CVE-2022-25883
Exploits Exist
Fix Available
high
7.5
CVE-2022-3517
Fix Available
high
7.5
CVE-2022-38900
Exploits Exist
Fix Available
high
7.5
CVE-2024-37890
Fix Available
medium
6.5
CVE-2022-38778
Fix Available
low
3.1
CVE-2025-5889
Exploits Exist
Fix Available

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.