npm · registry.npmjs.org
@upstash/redis
Js Decode Then Exec: base64 / atob / fromCharCode decode paired with eval / new Function in the same file — canonical obfuscated-loader pattern.
Why PkgRadar flagged 0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260529010313
| Severity | Signal | Evidence |
|---|---|---|
| high | Js Decode Then Exec | base64 / atob / fromCharCode decode paired with eval / new Function in the same file — canonical obfuscated-loader pattern. · package/nodejs.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.0.0-ci.3024bb2890c4905efb4d67c3df0bd477a8f7fcb6-20260612010833 | Low risk | 0 | 2026-06-12 |
0.0.0-ci.3024bb2890c4905efb4d67c3df0bd477a8f7fcb6-20260611111354 | Low risk | 0 | 2026-06-11 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260611010757 | Low risk | 0 | 2026-06-11 |
0.0.0-ci.777105acc292807b45fbf28eae65b0f5fdd567ff-20260610152749 | Low risk | 0 | 2026-06-10 |
0.0.0-ci.0ef8508e31320c93ac55d316da6338569c1b1d1a-20240930060158 | Low risk | 0 | 2026-06-10 |
1.38.0 | Low risk | 0 | 2026-06-10 |
0.0.0-ci.bb93ac2803c2e927dc8bf1a1b3c5aa2a14034eb6-20240930061920 | Low risk | 0 | 2026-06-10 |
0.0.0-ci.d5a3755fc9b7f20ae020610e422a17d9716e8bdc-20260610150138 | Low risk | 0 | 2026-06-10 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260610010457 | Low risk | 0 | 2026-06-10 |
0.0.0-ci.4a06b0e835dfcf7c65adf3bbb50004d72f6f40c1-20260609093857 | Low risk | 0 | 2026-06-09 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260608010551 | Low risk | 0 | 2026-06-08 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260607010706 | Low risk | 0 | 2026-06-07 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260606005938 | Low risk | 0 | 2026-06-06 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260605010246 | Low risk | 0 | 2026-06-05 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260604011111 | Low risk | 0 | 2026-06-04 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260603011229 | Low risk | 0 | 2026-06-03 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260602010608 | Low risk | 0 | 2026-06-02 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260601010852 | Low risk | 0 | 2026-06-01 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260531010345 | Low risk | 0 | 2026-05-31 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260530010108 | Low risk | 0 | 2026-05-30 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260529010313 | Review | 13 | 2026-05-29 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260528005727 | Low risk | 0 | 2026-05-28 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260527010004 | Low risk | 0 | 2026-05-27 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260523005721 | Review | 50 | 2026-05-24 |
0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260524010157 | Review | 50 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm @upstash/redis@0.0.0-ci.bf3f48a3bcadc4e2c51a90eefb0ff87cb64f646a-20260529010313