Vulnerability Database
Blog
FAQ
Docs
MAL-2024-10292
See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/opdistube/MAL-2024-10292.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2024-10292
Published
2024-10-30T16:39:57Z
Modified
2024-10-30T16:39:57Z
Summary
Malicious code in opdistube (npm)
Details
The package contains code to download and execute an infostealer payload.
References
Credits
Stacklok: trustypkg.dev - FINDER
https://discord.com/invite/RkzVuTp3WK
Affected packages
npm
/
opdistube
Package
Name
opdistube
View open source insights on deps.dev
Purl
pkg:npm/opdistube
Affected ranges
Affected versions
5.*
5.0.4
5.0.5
MAL-2024-10292 - OSV