MAL-2024-2482

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/hoots-lib/MAL-2024-2482.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-2482

Aliases

SNYK-JS-HOOTSLIB-3358942

Published

2024-06-25T12:45:49Z

Modified

2024-10-24T01:01:56Z

Summary

Malicious code in hoots-lib (npm)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "55b8b84859b45c7a3f2594d803f2d36bad05525f6a485d6589c954761eca5243",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T12:45:49Z",
            "id": "RLMA-2024-01146",
            "versions": [
                "9.9.2",
                "9.9.5",
                "9.9.4",
                "9.9.7",
                "9.9.6",
                "9.9.1",
                "9.9.3"
            ],
            "import_time": "2024-06-28T02:43:30.806930103Z"
        },
        {
            "sha256": "3d4191674d231cb00fefab551a7245ae83d15e4e16cfd68523d8fab6f9fb1b14",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T12:57:02Z",
            "id": "RLUA-2024-06698",
            "import_time": "2024-10-24T00:57:56.527193959Z"
        }
    ]
}

References

https://security.snyk.io/vuln/SNYK-JS-HOOTSLIB-3358942

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

npm / hoots-lib

Package

Name: hoots-lib; View open source insights on deps.dev
Purl: pkg:npm/hoots-lib

Affected ranges

Affected versions

9.*

9.9.1

9.9.2

9.9.3

9.9.4

9.9.5

9.9.6

9.9.7

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/hoots-lib/MAL-2024-2482.json"