Technology
NPM packages from RedHat have been compromised
Key Points
- Notifications You must be signed in to change notification settings - Fork 33 [SECURITY]: Malicious npm releases detected across @redhat-cloud-services/ scope #492 Copy link Copy link Open Description Ref: - https://www.stepsecurity.io/blog/multiple-redhat-cloud-services-npm-packages-compromised - https://app.stepsecurity.io/oss-security-feed?q=@redhat-cloud-services Affected Packages | Package | Compromised Version | |---|---| @redhat-cloud-services/chrome | 2.3.1 |...
-
Notifications
You must be signed in to change notification settings - Fork 33
[SECURITY]: Malicious npm releases detected across @redhat-cloud-services/
scope #492
Copy link
Copy link
Open
Description
Ref:
- https://www.stepsecurity.io/blog/multiple-redhat-cloud-services-npm-packages-compromised
- https://app.stepsecurity.io/oss-security-feed?q=@redhat-cloud-services
Affected Packages
| Package | Compromised Version |
|---|---|
@redhat-cloud-services/chrome |
2.3.1 |
@redhat-cloud-services/compliance-client |
4.0.3 |
@redhat-cloud-services/config-manager-client |
5.0.4 |
@redhat-cloud-services/entitlements-client |
4.0.11 |
@redhat-cloud-services/eslint-config-redhat-cloud-services |
3.2.1 |
@redhat-cloud-services/frontend-components |
7.7.2 |
@redhat-cloud-services/frontend-components-advisor-components |
3.8.2 |
@redhat-cloud-services/frontend-components-config |
6.11.3 |
@redhat-cloud-services/frontend-components-config-utilities |
4.11.2 |
@redhat-cloud-services/frontend-components-notifications |
6.9.2 |
@redhat-cloud-services/frontend-components-remediations |
4.9.2 |
@redhat-cloud-services/frontend-components-testing |
1.2.1 |
@redhat-cloud-services/frontend-components-translations |
4.4.1 |
@redhat-cloud-services/frontend-components-utilities |
7.4.1 |
@redhat-cloud-services/hcc-feo-mcp |
0.3.1 |
@redhat-cloud-services/hcc-kessel-mcp |
0.3.1 |
@redhat-cloud-services/hcc-pf-mcp |
0.6.1 |
@redhat-cloud-services/host-inventory-client |
5.0.3 |
@redhat-cloud-services/insights-client |
4.0.4 |
@redhat-cloud-services/integrations-client |
6.0.4 |
@redhat-cloud-services/javascript-clients-shared |
2.0.8 |
@redhat-cloud-services/notifications-client |
6.1.4 |
@redhat-cloud-services/patch-client |
4.0.4 |
@redhat-cloud-services/quickstarts-client |
4.0.11 |
@redhat-cloud-services/rbac-client |
9.0.3 |
@redhat-cloud-services/remediations-client |
4.0.4 |
@redhat-cloud-services/rule-components |
4.7.2 |
@redhat-cloud-services/sources-client |
3.0.10 |
@redhat-cloud-services/topological-inventory-client |
3.0.10 |
@redhat-cloud-services/tsc-transform-imports |
1.2.2 |
@redhat-cloud-services/types |
3.6.1 |
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
No labels
Type
Fields
Give feedbackNo fields configured for issues without a type.