5
Scans
15
Packages scanned
4
Compromised
0
HIGH/CRITICAL CVEs
1
Ecosystems
0
Parse errors
Scan sources
| Source | Tool | Lockfiles | Packages | MAL | HIGH/CRIT |
|---|---|---|---|---|---|
/tmp/pd-scans/repo-cap.json | 0.1.0 | 1 | 1 | 2 | 0 |
/tmp/pd-scans/repo-java-svc.json | 0.1.0 | 1 | 3 | 0 | 0 |
/tmp/pd-scans/repo-legacy-node.json | 0.1.0 | 1 | 2 | 2 | 0 |
/tmp/pd-scans/repo-ml-pipeline.json | 0.1.0 | 1 | 8 | 0 | 0 |
/tmp/pd-scans/repo-website.json | 0.1.0 | 1 | 1 | 0 | 0 |
Campaign rollup
| Advisory | Kind | Campaign | Ecosystems | Hits | Sources |
|---|---|---|---|---|---|
EXTRA-2018-0001 | MALICIOUS | event-stream / flatmap-stream credential stealer | npm | 2 | 1 |
EXTRA-2026-0001 | MALICIOUS | Mini Shai-Hulud (SAP CAP) | npm | 1 | 1 |
MAL-2026-3178 | MALICIOUS | npm | 1 | 1 |
All findings
Severity:
Ecosystem:
| Kind | Package | Advisory | Campaign | Lockfile | Source |
|---|---|---|---|---|---|
| MALICIOUS | npm:@cap-js/sqlite@2.2.2 | EXTRA-2026-0001 [ref] [ref] [ref] | Mini Shai-Hulud (SAP CAP) | tests/fixtures/npm/mini-shaihulud.lock.json | /tmp/pd-scans/repo-cap.json |
| MALICIOUS | npm:@cap-js/sqlite@2.2.2 | MAL-2026-3178 [ref] [ref] | tests/fixtures/npm/mini-shaihulud.lock.json | /tmp/pd-scans/repo-cap.json | |
| MALICIOUS | npm:event-stream@3.3.6 | EXTRA-2018-0001 [ref] [ref] [ref] | event-stream / flatmap-stream credential stealer | tests/fixtures/npm/historic-event-stream.lock.json | /tmp/pd-scans/repo-legacy-node.json |
| MALICIOUS | npm:flatmap-stream@0.1.1 | EXTRA-2018-0001 [ref] [ref] [ref] | event-stream / flatmap-stream credential stealer | tests/fixtures/npm/historic-event-stream.lock.json | /tmp/pd-scans/repo-legacy-node.json |