MAL-2023-1136

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/client-ws-app/MAL-2023-1136.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2023-1136
Published
2023-05-24T04:17:13Z
Modified
2024-10-04T04:37:26Z
Summary
Malicious code in client-ws-app (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (32231907789db551e533776ab68a4a01f4029a0723291d70d65927559eb647d2)

The OpenSSF Package Analysis project identified 'client-ws-app' @ 5.20.20 (npm) as malicious.

It is considered malicious because: - The package communicates with a domain associated with malicious activity.

Database specific 
{
    "malicious-packages-origins": [
        {
            "sha256": "32231907789db551e533776ab68a4a01f4029a0723291d70d65927559eb647d2",
            "import_time": "2023-08-10T06:16:02.199649286Z",
            "versions": [
                "5.20.20"
            ],
            "source": "ossf-package-analysis",
            "modified_time": "2023-05-24T04:17:13.375863313Z"
        },
        {
            "sha256": "1e099d5380118fc0ac93e6732bebcd1a185c101f7b6b46d0ab49bda08937c088",
            "import_time": "2024-10-04T04:37:03.845478406Z",
            "versions": [
                "6.0.0"
            ],
            "source": "ossf-package-analysis",
            "modified_time": "2024-10-04T04:27:58Z"
        }
    ]
}
References
Credits

Affected packages

npm / client-ws-app

Package

Name
client-ws-app
View open source insights on deps.dev
Purl
pkg:npm/client-ws-app

Affected ranges

Affected versions

5.*

5.20.20

6.*

6.0.0