gem · Malicious package advisory
Malwaregitlab-glfm-markdown
MAL-2023-1425
Malicious code in gitlab-glfm-markdown (RubyGems)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: ossf-package-analysis (2e04df4c0bb1f91ce34ee36e4731ee580ff1e7a1131cafd97a660d90f4c4cfb1) The OpenSSF Package Analysis project identified 'gitlab-glfm-markdown' @ 7.0.1 (rubygems) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity.
Compromised versions (1)
- 7.0.1
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.