MAL-2023-1130
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/cdp-ops--ts-accesslog/MAL-2023-1130.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2023-1130
- Published
- 2023-06-14T15:31:35Z
- Modified
- 2023-08-10T06:17:47Z
- Summary
- Malicious code in cdp-ops--ts-accesslog (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (3f91b885ec95bb15b4a6f58f71cccba8ac7528ef5c5bcae18f34f74e27f0f444)
The OpenSSF Package Analysis project identified 'cdp-ops--ts-accesslog' @ 1.4.3 (npm) as malicious.
It is considered malicious because: - The package executes one or more commands associated with malicious behavior.
- Database specific
{ "malicious-packages-origins": [ { "versions": [ "1.4.3" ], "modified_time": "2023-06-14T15:31:35.725454259Z", "source": "ossf-package-analysis", "sha256": "3f91b885ec95bb15b4a6f58f71cccba8ac7528ef5c5bcae18f34f74e27f0f444", "import_time": "2023-08-10T06:17:26.446470176Z" }, { "versions": [ "1.4.4" ], "modified_time": "2023-06-16T08:01:21.532420072Z", "source": "ossf-package-analysis", "sha256": "9e9986c87e82e92290d73037b310f3b32d3d5897d939527cc45dfe17f8eba597", "import_time": "2023-08-10T06:17:26.899524063Z" }, { "versions": [ "1.4.5" ], "modified_time": "2023-06-16T08:16:35.051823793Z", "source": "ossf-package-analysis", "sha256": "d012f6dd30d8109a843e9bf1dfe6cf187fea9d8b2760f9b81876f55b8ae12253", "import_time": "2023-08-10T06:17:27.147864396Z" } ] }- References
-
- Credits
-
-
- OpenSSF: Package Analysis - FINDER
-
Affected packages
npm / cdp-ops--ts-accesslog
Package
- Name
- cdp-ops--ts-accesslog
- View open source insights on deps.dev
- Purl
- pkg:npm/cdp-ops--ts-accesslog