MAL-2023-1351

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/zsbpwebsdk/MAL-2023-1351.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2023-1351
Aliases
  • SNYK-JS-ZSBPWEBSDK-3336033
Published
2023-04-29T02:23:04Z
Modified
2024-06-28T03:14:44.660533Z
Summary
Malicious code in zsbpwebsdk (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (bf63d69adabe277a69df70ff7c39dd42b81fad4f512f8204458dc438d7edfb7d)

The OpenSSF Package Analysis project identified 'zsbpwebsdk' @ 9999.9.9 (npm) as malicious.

It is considered malicious because: - The package communicates with a domain associated with malicious activity.

Database specific 
{
    "malicious-packages-origins": [
        {
            "modified_time": "2023-04-29T02:23:04.042427434Z",
            "import_time": "2023-08-10T06:15:15.024667112Z",
            "source": "ossf-package-analysis",
            "versions": [
                "9999.9.9"
            ],
            "sha256": "bf63d69adabe277a69df70ff7c39dd42b81fad4f512f8204458dc438d7edfb7d"
        },
        {
            "modified_time": "2024-06-25T13:22:57Z",
            "id": "RLMA-2024-02766",
            "source": "reversing-labs",
            "versions": [
                "9999.9.1",
                "9999.999.100",
                "9999.99.1",
                "9999.9.2",
                "9999.9.9"
            ],
            "import_time": "2024-06-28T02:46:43.575655275Z",
            "sha256": "c3f27fd860f02d8849804fd47574f46569f2ea146b2f98c58cd71aff28162c1e"
        }
    ]
}
References
Credits

Affected packages

npm / zsbpwebsdk

Package

Name
zsbpwebsdk
View open source insights on deps.dev
Purl
pkg:npm/zsbpwebsdk

Affected ranges

Affected versions

9999.*

9999.9.1
9999.9.2
9999.9.9
9999.99.1
9999.999.100