Possible NPM false positives

Discovered from manual analysis of NPM takedowns:
1. [`axelhowe@0.0.0-5VtLmtixx6V5PkcW`](https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/axelhowe/MAL-2024-30.json)
2. [`finalact@{1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.9, 1.2.1}`
](https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/finalact/MAL-2023-8743.json)
3. [`misk-tailwind-css@1.0.3`](https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/misk-tailwind-css/MAL-2023-1237.json)
4. [`react-native-transcribe@1.3.0`](https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/react-native-transcribe/MAL-2023-8321.json)
5. [`stupidrara@{0.0.0-jqNHd5ZlNt7p7qpN, 0.0.0-zpWizh8xZfZPkusR, 0.0.0-x0UfM01qT1x7tv5X}`](https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/stupidrara/MAL-2024-22.json)
6. [`techghoshal555@1.5.0`](https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/techghoshal555/MAL-2023-1313.json)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Possible NPM false positives #351

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Possible NPM false positives #351

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions