MAL-2024-12171

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/mx-exchange-docs/MAL-2024-12171.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2024-12171
Published
2024-12-31T23:37:50Z
Modified
2024-12-31T23:37:50Z
Summary
Malicious code in mx-exchange-docs (npm)
Details

This package exfils sensitive data to a attacker-controlled domain via index.js.

Database specific
{
    "malicious-packages-origins": null
}
References
Credits

Affected packages

npm / mx-exchange-docs

Package

Affected ranges

Affected versions

0.*

0.0.2