issues
search
ossf
/
malicious-packages
A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.
Apache License 2.0
205
stars
19
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Adds report for pentesters987abc (NPM)
#524
lujunsan
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.1 to 1.55.0
#523
dependabot[bot]
closed
4 weeks ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.17
#522
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.1 to 1.54.4
#521
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.16
#520
dependabot[bot]
closed
1 month ago
1
Bump github/codeql-action from 3.25.0 to 3.25.8
#519
dependabot[bot]
closed
3 weeks ago
1
Add reversing-labs as a source, and allow access to AWS.
#518
calebbrown
closed
1 week ago
0
Add an automated "impact" check
#517
calebbrown
opened
1 month ago
0
Adds report for cpr-mfe (NPM)
#516
lujunsan
closed
1 month ago
0
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.15
#515
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.14
#514
dependabot[bot]
closed
1 month ago
1
Adding stw-tenant-library (npm)
#513
lukehinds
closed
1 month ago
0
Adds report for mcft_client (NPM) and wdio-api-client (NPM)
#512
lujunsan
closed
1 month ago
0
Entry for pytoileur is missing
#511
prabhu
opened
1 month ago
0
Adds report for stablecoin-evm (NPM) and xloportailcfn (NPM)
#510
lujunsan
closed
1 month ago
0
Bump github/codeql-action from 3.25.0 to 3.25.7
#509
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.13
#508
dependabot[bot]
closed
1 month ago
1
Adds report for cedar-snippet (NPM)
#507
lujunsan
closed
1 month ago
0
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.12
#506
dependabot[bot]
closed
1 month ago
1
Bump github.com/google/osv-scanner from 1.6.1 to 1.7.4
#505
dependabot[bot]
closed
2 weeks ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.11
#504
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.10
#503
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.9
#502
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.1 to 1.54.3
#501
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.8
#500
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.7
#499
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.6
#498
dependabot[bot]
closed
1 month ago
1
Bump github/codeql-action from 3.25.0 to 3.25.6
#497
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.1 to 1.54.2
#496
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.5
#495
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.4
#494
dependabot[bot]
closed
1 month ago
1
Bump actions/checkout from 4.1.3 to 4.1.6
#493
dependabot[bot]
closed
3 weeks ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.3
#492
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.1 to 1.54.1
#491
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.2
#490
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.1 to 1.54.0
#489
dependabot[bot]
closed
1 month ago
1
Bump cloud.google.com/go/storage from 1.40.0 to 1.41.0
#488
dependabot[bot]
closed
4 weeks ago
1
Add an automated check to ensure package reports are never removed.
#487
calebbrown
opened
1 month ago
0
Bump github/codeql-action from 3.25.0 to 3.25.5
#486
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.53.0
#485
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.52.6
#484
dependabot[bot]
closed
1 month ago
1
Bump ossf/scorecard-action from 2.3.1 to 2.3.3
#483
dependabot[bot]
closed
3 weeks ago
1
Revert "Add support for multiple prefixes per source."
#482
oliverchang
closed
2 months ago
2
Bump github.com/google/osv-scanner from 1.6.1 to 1.7.3
#481
dependabot[bot]
closed
1 month ago
1
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.52.5
#480
dependabot[bot]
closed
2 months ago
1
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.1 to 1.53.2
#479
dependabot[bot]
closed
1 month ago
1
Add support for multiple prefixes per source.
#478
calebbrown
closed
2 months ago
1
Improve package name handling and remove self refs.
#477
calebbrown
closed
1 month ago
0
Bump github.com/aws/aws-sdk-go from 1.51.26 to 1.52.4
#476
dependabot[bot]
closed
2 months ago
1
Bump golangci/golangci-lint-action from 4.0.0 to 6.0.1
#475
dependabot[bot]
closed
2 weeks ago
1
Previous
Next