MAL-2024-1762

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/apm-web-vitals/MAL-2024-1762.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2024-1762
Aliases
  • SNYK-JS-APMWEBVITALS-5920704
Published
2024-06-25T12:28:08Z
Modified
2024-10-24T01:01:55Z
Summary
Malicious code in apm-web-vitals (npm)
Details

-= Per source details. Do not edit below this line.=-

Database specific 
{
    "malicious-packages-origins": [
        {
            "sha256": "1961024480a2aebee420fdbd6d34f445fefe5025a522cc0905d037e6bcbbcdc8",
            "import_time": "2024-06-28T02:41:55.164019171Z",
            "versions": [
                "0.0.1-rc.3",
                "1.0.2",
                "0.0.1-rc.2",
                "0.0.2",
                "0.0.1-rc.5"
            ],
            "id": "RLMA-2024-00351",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T12:28:08Z"
        },
        {
            "sha256": "f11559e954370ea705267da8e57c9d15696ddc7ed059e2dd0c0e1f97d9c51332",
            "import_time": "2024-10-24T00:57:31.751536475Z",
            "id": "RLUA-2024-06147",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T12:31:54Z"
        }
    ]
}
References
Credits

Affected packages

npm / apm-web-vitals

Package

Name
apm-web-vitals
View open source insights on deps.dev
Purl
pkg:npm/apm-web-vitals

Affected ranges

Affected versions

0.*

0.0.1-rc.2
0.0.1-rc.3
0.0.1-rc.5
0.0.2

1.*

1.0.2