参考: https://www.stepsecurity.io/blog/multiple-redhat-cloud-services-npm-packages-compromised https://app.stepsecurity.io/oss-security-feed?q=@redhat-cloud-services 受影响的包 | 包名 | 受影响版本 | | --- | --- | | @redhat-cloud-services/chrome | 2.3.1 | | @redhat-cloud-services/compliance-client | 4.0.3 | | @redhat-cloud-services/config-manager-client | 5.0.4 | | @redhat-cloud-services/entitlements-client | 4.0.11 | | @redhat-cloud-services/eslint-config-redhat-cloud-services | 3.2.1 | | @redhat-cloud-services/frontend-components | 7.7.2 | | @redhat-cloud-services/frontend-components-advisor-components | 3.8.2 | | @redhat-cloud-services/frontend-components-config | 6.11.3 | | @redhat-cloud-services/frontend-components-config-utilities | 4.11.2 | | @redhat-cloud-services/frontend-components-notifications | 6.9.2 | | @redhat-cloud-services/frontend-components-remediations | 4.9.2 | | @redhat-cloud-services/frontend-components-testing | 1.2.1 | | @redhat-cloud-services/frontend-components-translations | 4.4.1 | | @redhat-cloud-services/frontend-components-utilities | 7.4.1 | | @redhat-cloud-services/hcc-feo-mcp | 0.3.1 | | @redhat-cloud-services/hcc-kessel-mcp | 0.3.1 | | @redhat-cloud-services/hcc-pf-mcp | 0.6.1 | | @redhat-cloud-services/host-inventory-client | 5.0.3 | | @redhat-cloud-services/insights-client | 4.0.4 | | @redhat-cloud-services/integrations-client | 6.0.4 | | @redhat-cloud-services/javascript-clients-shared | 2.0.8 | | @redhat-cloud-services/notifications-client | 6.1.4 | | @redhat-cloud-services/patch-client | 4.0.4 | | @redhat-cloud-services/quickstarts-client | 4.0.11 | | @redhat-cloud-services/rbac-client | 9.0.3 | | @redhat-cloud-services/remediations-client | 4.0.4 | | @redhat-cloud-services/rule-components | 4.7.2 | | @redhat-cloud-services/sources-client | 3.0.10 | | @redhat-cloud-services/topological-inventory-client | 3.0.10 | | @redhat-cloud-services/tsc-transform-imports | 1.2.2 | | @redhat-cloud-services/types | 3.6.1 |