MAL-2024-2000

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/combinezone/MAL-2024-2000.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-2000

Aliases

SNYK-JS-COMBINEZONE-5406398

Published

2024-06-25T12:34:05Z

Modified

2024-10-24T01:01:55Z

Summary

Malicious code in combinezone (npm)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "source": "reversing-labs",
            "sha256": "cefaa44bfeba403268aeaec173518efae3311aa7aa7f8d584a3f057f0c07f8a8",
            "modified_time": "2024-06-25T12:34:05Z",
            "import_time": "2024-06-28T02:42:27.47071503Z",
            "versions": [
                "7.14.2"
            ],
            "id": "RLMA-2024-00620"
        },
        {
            "source": "reversing-labs",
            "sha256": "c8b40eba2cc90083fcee41c3323f5f1f12175f8bf35a2dd619fd35917bd1dfb9",
            "modified_time": "2024-10-16T12:40:48Z",
            "import_time": "2024-10-24T00:57:39.429932639Z",
            "id": "RLUA-2024-06333"
        }
    ]
}

References

https://security.snyk.io/vuln/SNYK-JS-COMBINEZONE-5406398

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

npm / combinezone

Package

Name: combinezone; View open source insights on deps.dev
Purl: pkg:npm/combinezone

Affected ranges

Affected versions

7.*

7.14.2