MAL-2023-1490

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/bugsnotfound/MAL-2023-1490.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2023-1490
Published
2023-08-19T17:39:56Z
Modified
2023-08-19T18:10:59Z
Summary
Malicious code in bugsnotfound (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (3980d08da6629463ad50e50b6a94591add7f48be24c1256a14e6d3e56fe69f55)

The OpenSSF Package Analysis project identified 'bugsnotfound' @ 1.1.2 (npm) as malicious.

It is considered malicious because: - The package communicates with a domain associated with malicious activity. - The package executes one or more commands associated with malicious behavior.

References
Credits

Affected packages

npm / bugsnotfound

Package

Affected ranges

Affected versions

1.*

1.0.3
1.0.5
1.1.2
1.1.7

2.*

2.1.2