Typosquatting Malware symfont/process

Question

jonkerw85 opened this issue 3 years ago · comments

Best,

I would like to add the Typosquatting Malware symfont/process (https://www.kernelmode.blog/typosquatting-malware-found-in-composer-repository/) to this project but do not know how to do this because the malware itself has no corresponding cve.

Is it possible to add a vulnerability without a cve to this project?

Kind regards,
Wilfried

Fabien Potencier · Answer 1 · Fri Sep 10 2021 18:57:29 GMT+0800 (China Standard Time)

Yes, no need for a cve

Alexander M. Turek · Answer 2 · Fri Sep 10 2021 19:04:58 GMT+0800 (China Standard Time)

Can this package be removed from Packagist?

Jordi Boggiano · Answer 3 · Fri Sep 10 2021 22:58:46 GMT+0800 (China Standard Time)

It's gone now