Cookie Consent

Close
Cookies consenting list

For more information on cookies, please visit our Cookie Policy.

Cancel Save
listen.dev
  • Docs
  • Blog
  • Pricing
  • Get started for free
Demo Get started for free

Manifest Confusion

Discrepancy between a package’s metadata published in the npm registry and the actual contents of its tarball.

  • attack vector
  • npm
  • see all
  • malware

    Understanding and Preventing Manifest Confusion

    A primer on manifest confusion vulnerability in npm

    npm manifest confusion attack vector
    Published by Garnet Research (@research) Garnet Research (@research)
    By @research 
    Date
    June 28, 2023
    Reading time 
     · 5 min
    Read more

Use open source with confidence.

Get started for free
listen.dev
Product
Verdict Pages GitHub Action lstn CLI Docs Pricing
Resources
Blog Discord GitHub FAQ Careers
Subscribe

Stay in the loop for latest updates, annoucements and insights on open source.

Get in touch.

Looks like you have Tracking Protection on... Please temporarily disable it in order to subscribe to our service.
  • Terms
  • Privacy
  • Security
Follow us on Twitter
Join our community on Discord
RSS Feed
garnet ©