MAL-2024-12183

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/interview-question/MAL-2024-12183.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2024-12183
Published
2024-12-18T12:48:09Z
Modified
2024-12-18T12:48:09Z
Summary
Malicious code in interview-question (npm)
Details

This package has a preinstall script to download an execute a Go-variant of the Cobalt Strike beacon.

Database specific
{
    "malicious-packages-origins": null
}
References
Credits

Affected packages

npm / interview-question

Package

Affected ranges

Affected versions

1.*

1.0.0