You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There was a change to lessc-rhino and it is now listed as "Malware in lessc-rhino" with no context on what/where the malicious code was located. Is there a way to see what specifically was flagged as malicious?
"Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it."
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
There was a change to lessc-rhino and it is now listed as "Malware in lessc-rhino" with no context on what/where the malicious code was located. Is there a way to see what specifically was flagged as malicious?
"Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it."
GHSA-rw3m-xvr5-2gfx
Beta Was this translation helpful? Give feedback.
All reactions