MAL-2024-8838
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@zarafront/lib-zds/MAL-2024-8838.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2024-8838
- Published
- 2024-09-08T17:03:36Z
- Modified
- 2024-10-24T01:01:55Z
- Summary
- Malicious code in @zarafront/lib-zds (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (b7da81ddf52154f443baa27b56764a0be023447376bd6d8a3f587cc7db455f84)
The OpenSSF Package Analysis project identified '@zarafront/lib-zds' @ 99.50.55 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
- Database specific
{ "malicious-packages-origins": [ { "import_time": "2024-09-08T17:05:57.091790725Z", "source": "ossf-package-analysis", "modified_time": "2024-09-08T17:03:36Z", "versions": [ "99.50.55" ], "sha256": "b7da81ddf52154f443baa27b56764a0be023447376bd6d8a3f587cc7db455f84" }, { "import_time": "2024-10-24T00:56:09.867948073Z", "id": "RLMA-2024-06090", "modified_time": "2024-10-16T12:26:41Z", "versions": [ "99.50.55" ], "source": "reversing-labs", "sha256": "b666c1af13c0b686b376bca1567652a817ef4cd36a7ea17d2dc6838f5640a767" } ] }- References
-
- Credits
-
-
- OpenSSF: Package Analysis - FINDER
-
- ReversingLabs - FINDER
-
Affected packages
npm / @zarafront/lib-zds
Package
- Name
- @zarafront/lib-zds
- View open source insights on deps.dev
- Purl
- pkg:npm/%40zarafront/lib-zds