VulnerableCode Package Details - pkg:npm/reques@0.0.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/reques@0.0.0

Essentials
History (2)

purl	pkg:npm/reques@0.0.0
Tags	Ghost

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-1118-wfde-6yax Aliases: GHSA-g8jc-mm3c-cwhj GMS-2020-464	Malicious Package in reques All versions of `reques` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise. ## Recommendation Remove the package from your dependencies and always ensure package names are typed correctly upon installation.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-02T12:37:07.291525+00:00	GitLab Importer	Affected by	VCID-1118-wfde-6yax	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/reques/GMS-2020-464.yml	38.0.0
2026-04-01T15:58:30.955798+00:00	GHSA Importer	Affected by	VCID-1118-wfde-6yax	https://github.com/advisories/GHSA-g8jc-mm3c-cwhj	38.0.0