UAParser.js npm Package Supply Chain Attack: Impact and Response - Truesec
Common Information
Type Value
UUID 3c3a9509-c62d-4577-b3bb-88cf56303c86
Fingerprint 8eb0f7178d304e83
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 24, 2021, midnight
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Dec. 19, 2024, 5:01 a.m.
Headline UAParser.js npm Package Supply Chain Attack: Impact and Response
Title UAParser.js npm Package Supply Chain Attack: Impact and Response - Truesec
Detected Hints/Tags/Attributes 22/1/15
Attributes
Details Type #Events CTI Value
Details Domain 18
npmjs.com
Details Domain 13
deps.dev
Details Domain 9
www.truesec.com
Details Domain 467
medium.com
Details Domain 4385
github.com
Details Email 2
medium.com/@alex.birsan
Details File 9
uaparser.js
Details File 165
package.json
Details File 8
package-lock.json
Details Github username 22
advisories
Details Github username 3
faisalman
Details Url 1
https://www.truesec.com/hub/blog/secure-your-software-supply-chain-threats-and-mitigations.
Details Url 2
https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610
Details Url 1
https://github.com/advisories/ghsa-pjwm-rvh2-c87w
Details Url 1
https://github.com/faisalman/ua-parser-js/issues/536