MAL-2023-1094

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@obg/gtm.types/MAL-2023-1094.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2023-1094

Published

2023-07-12T17:39:36Z

Modified

2023-08-10T06:17:47Z

Summary

Malicious code in @obg/gtm.types (npm)

Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (2c49019b18d394a7faef47a1333687dacb2f9e2489953e8eddf211df2733d496)

The OpenSSF Package Analysis project identified '@obg/gtm.types' @ 99999.22222222.0 (npm) as malicious.

It is considered malicious because: - The package communicates with a domain associated with malicious activity. - The package executes one or more commands associated with malicious behavior.

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "2c49019b18d394a7faef47a1333687dacb2f9e2489953e8eddf211df2733d496",
            "import_time": "2023-08-10T06:16:32.390657303Z",
            "source": "ossf-package-analysis",
            "versions": [
                "99999.22222222.0"
            ],
            "modified_time": "2023-07-12T18:47:30.693442539Z"
        },
        {
            "sha256": "61cdd4b2d75299920a87baaabf2faa0b9d64b1819340fcbde16585c61cba12fd",
            "import_time": "2023-08-10T06:16:31.912705525Z",
            "source": "ossf-package-analysis",
            "versions": [
                "99999.22222.0"
            ],
            "modified_time": "2023-07-12T18:11:52.57788065Z"
        },
        {
            "sha256": "7057234fe38823adb7e1b23d23431c6463d943da8ee2112a8faef040d7a38383",
            "import_time": "2023-08-10T06:16:32.178537743Z",
            "source": "ossf-package-analysis",
            "versions": [
                "99999.222222.0"
            ],
            "modified_time": "2023-07-12T18:25:10.830164815Z"
        },
        {
            "sha256": "98c62152d5f0770b1e4a0cc6584e7f9f0316d8bbdf7dae0412feda21efc59b71",
            "import_time": "2023-08-10T06:16:31.656140863Z",
            "source": "ossf-package-analysis",
            "versions": [
                "99999.222.0"
            ],
            "modified_time": "2023-07-12T17:39:36.313070038Z"
        }
    ]
}

References

Credits

- OpenSSF: Package Analysis - FINDER
- - https://github.com/ossf/package-analysis
  - https://openssf.slack.com/channels/package_analysis

Affected packages

npm / @obg/gtm.types

Package

Name: @obg/gtm.types; View open source insights on deps.dev
Purl: pkg:npm/%40obg/gtm.types

Affected ranges

Affected versions

99999.*

99999.222.0

99999.22222.0

99999.222222.0

99999.22222222.0