MAL-2024-61

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/akshansh-jaiswal-ctf-security/MAL-2024-61.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-61

Published

2024-01-07T11:31:28Z

Modified

2024-01-11T03:34:07Z

Summary

Malicious code in akshansh-jaiswal-ctf-security (npm)

Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (1a21cd8cd0f3e40599808c19641304a3f52f263a31d9b68e9847bc4c6933cc80)

The OpenSSF Package Analysis project identified 'akshansh-jaiswal-ctf-security' @ 99.9999.9999 (npm) as malicious.

It is considered malicious because:

The package communicates with a domain associated with malicious activity.

Database specific

{
    "malicious-packages-origins": [
        {
            "versions": [
                "99.9999.9999"
            ],
            "sha256": "1a21cd8cd0f3e40599808c19641304a3f52f263a31d9b68e9847bc4c6933cc80",
            "modified_time": "2024-01-07T12:14:49Z",
            "import_time": "2024-01-11T03:33:47.690434539Z",
            "source": "ossf-package-analysis"
        },
        {
            "versions": [
                "99.9999.999"
            ],
            "sha256": "59be761e6fad93718d21936fb72b98ad21f2b5c7aa2a975685e3177216895b93",
            "modified_time": "2024-01-07T12:19:33Z",
            "import_time": "2024-01-11T03:33:47.777274938Z",
            "source": "ossf-package-analysis"
        },
        {
            "versions": [
                "99.999.9999"
            ],
            "sha256": "d22ed9d48ba8a72976d38cd75d33812b3e507dfb911e9390767f9de8696d4486",
            "modified_time": "2024-01-07T11:51:40Z",
            "import_time": "2024-01-11T03:33:47.582159861Z",
            "source": "ossf-package-analysis"
        },
        {
            "versions": [
                "99.999.999"
            ],
            "sha256": "ec23692f068dfd1e5bdec20553312221bbc66229ec52cfe663f94d0b58eeafd4",
            "modified_time": "2024-01-07T11:31:28Z",
            "import_time": "2024-01-11T03:33:47.511546099Z",
            "source": "ossf-package-analysis"
        },
        {
            "versions": [
                "999.999.999"
            ],
            "sha256": "f189944d893312d51ac46a71cd4581e91c051d7e8b2aec53874b0d75ab4951cf",
            "modified_time": "2024-01-07T12:23:02Z",
            "import_time": "2024-01-11T03:33:47.850234231Z",
            "source": "ossf-package-analysis"
        }
    ]
}

References

Credits

- OpenSSF: Package Analysis - FINDER
- - https://github.com/ossf/package-analysis
  - https://openssf.slack.com/channels/package_analysis

Affected packages

npm / akshansh-jaiswal-ctf-security

Package

Name: akshansh-jaiswal-ctf-security; View open source insights on deps.dev
Purl: pkg:npm/akshansh-jaiswal-ctf-security

Affected ranges

Affected versions

99.*

99.999.999

99.999.9999

99.9999.999

99.9999.9999

999.*

999.999.999