MAL-2023-8444

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/xterm-addon-clipboard/MAL-2023-8444.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2023-8444
Aliases
  • SNYK-JS-XTERMADDONCLIPBOARD-6044708
Published
2023-11-04T03:38:26Z
Modified
2024-06-28T03:14:44.065278Z
Summary
Malicious code in xterm-addon-clipboard (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (5cf6d3796e2698ca788f0833376dcbd11460b764506f5ffb63bdd8e71262113e)

The OpenSSF Package Analysis project identified 'xterm-addon-clipboard' @ 6.0.7 (npm) as malicious.

It is considered malicious because:

  • The package executes one or more commands associated with malicious behavior.
Database specific 
{
    "malicious-packages-origins": [
        {
            "import_time": "2023-11-06T23:34:24.32364125Z",
            "source": "ossf-package-analysis",
            "versions": [
                "6.0.7"
            ],
            "modified_time": "2023-11-04T03:38:26Z",
            "sha256": "5cf6d3796e2698ca788f0833376dcbd11460b764506f5ffb63bdd8e71262113e"
        },
        {
            "import_time": "2024-06-28T02:46:41.713155394Z",
            "id": "RLMA-2024-02750",
            "versions": [
                "6.0.4",
                "6.0.2",
                "6.0.3"
            ],
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:22:28Z",
            "sha256": "3d7ed343eb620ca659fa3fde04b13e9338ad6da8afc3cb1df4c0ee15a108b400"
        }
    ]
}
References
Credits

Affected packages

npm / xterm-addon-clipboard

Package

Name
xterm-addon-clipboard
View open source insights on deps.dev
Purl
pkg:npm/xterm-addon-clipboard

Affected ranges

Affected versions

6.*

6.0.2
6.0.3
6.0.4
6.0.7