GMS-2021-1: Embedded Malicious Code

October 22, 2021

This package was found to contain malicious code.

References

github.com/advisories/GHSA-pjwm-rvh2-c87w
us-cert.cisa.gov/ncas/current-activity/2021/10/22/malware-discovered-popular-npm-package-ua-parser-js

Code Behaviors & Features

Detect and mitigate GMS-2021-1 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →