npm

@ebay/ui-core-react @9.8.1

Vulnerability report · Last retrieved from osv.dev July 8, 2026 at 7:23 PM UTC

Malicious

OSV ID

MAL-2024-1006

Ecosystem

npm

Summary

@ebay/ui-core-react@9.8.1 is a scoped React UI component library published under the eBay organization scope. No indicators of credential exfiltration, install-time remote code execution, silent relay, dropper behavior, namespace abuse, or backdoor were observed across the 4317 scanned files. No lifecycle hooks fetching external content, no hardcoded attacker endpoints, and no environment-variable or filesystem secret reads were identified.

Source: amazon-inspector (910fed2596a854101b97448fdf2993d6012a25a091cf60e0f3c47540f295af3e)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.