-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified 'os-apps-ui-curvelibrary' @ 11.1.20 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"sha256": "18aeea2d76067c75f66911c729810dc0b7746e1bd14e53300f2a5c07649999b3",
"versions": [
"10.2.5"
],
"import_time": "2025-06-12T01:33:45.64116984Z",
"modified_time": "2025-06-12T01:30:49Z",
"source": "ossf-package-analysis"
},
{
"sha256": "1dd4447ad1f181e36adef3ae1a6e1b5e32831049e46f1fc66ae541ed4c33f2b7",
"versions": [
"11.1.2"
],
"import_time": "2025-06-12T01:33:45.721353361Z",
"modified_time": "2025-06-12T01:32:41Z",
"source": "ossf-package-analysis"
},
{
"sha256": "cb13fa21c92df5dc4aa68fb0c62d193a503a8628661615402120e0cd87f6ee5b",
"versions": [
"10.1.2"
],
"import_time": "2025-06-12T01:33:45.475000276Z",
"modified_time": "2025-06-12T01:25:45Z",
"source": "ossf-package-analysis"
},
{
"sha256": "e690808594ef799c65a7be74d82d506a26672108051fff5ed5894cd3e8037569",
"versions": [
"10.2.4"
],
"import_time": "2025-06-12T01:33:45.566976879Z",
"modified_time": "2025-06-12T01:29:25Z",
"source": "ossf-package-analysis"
},
{
"sha256": "018acaf194e627f73c054cc6654ebb956cd3026deb890d2450416c2881231eb7",
"versions": [
"11.1.9"
],
"import_time": "2025-06-12T02:35:39.359373242Z",
"modified_time": "2025-06-12T02:10:59Z",
"source": "ossf-package-analysis"
},
{
"sha256": "0119e0d30c93e83b68f00c9ab5d2f00f90d631cf3e692cab103e99c3ca6331b5",
"versions": [
"11.1.20"
],
"import_time": "2025-06-12T03:26:21.808599582Z",
"modified_time": "2025-06-12T02:55:05Z",
"source": "ossf-package-analysis"
},
{
"sha256": "2b45b51e2a10be06999646f630ada895856368e9058f5e63e72caa26cc247c48",
"versions": [
"11.1.19"
],
"import_time": "2025-06-12T03:26:21.736563709Z",
"modified_time": "2025-06-12T02:51:47Z",
"source": "ossf-package-analysis"
},
{
"sha256": "43d0d1b6d4d24ee58e12cccd0b8136ba552e7658302bed48539f89ced8377c0a",
"versions": [
"11.1.21"
],
"import_time": "2025-06-12T03:26:21.874635516Z",
"modified_time": "2025-06-12T03:00:27Z",
"source": "ossf-package-analysis"
},
{
"sha256": "ba1cc7920212327c3d8dc1c712ce5830eb0af7407d6a689d0f6ca5659b831dcb",
"versions": [
"11.1.16"
],
"import_time": "2025-06-12T03:26:21.64845605Z",
"modified_time": "2025-06-12T02:36:01Z",
"source": "ossf-package-analysis"
},
{
"sha256": "51cf733ce35ef8461d285eaeab58deb5e4fdb9bafa9167b92f8805ed1ac86a87",
"versions": [
"11.1.17"
],
"import_time": "2025-06-12T04:10:28.999475496Z",
"modified_time": "2025-06-12T04:05:34Z",
"source": "ossf-package-analysis"
},
{
"sha256": "21483738c60929e06f7b07deddd58e393fadfcec9704ffaf43f658ef3ad58234",
"versions": [
"11.1.5"
],
"import_time": "2025-06-16T07:36:34.933118189Z",
"modified_time": "2025-06-12T01:51:08Z",
"source": "ossf-package-analysis"
},
{
"sha256": "c73c691b8497cd42319b540c03c023e07529e097c894e279b327fe5a5ed0331e",
"versions": [
"11.1.4"
],
"import_time": "2025-06-16T07:36:34.818433816Z",
"modified_time": "2025-06-12T01:45:49Z",
"source": "ossf-package-analysis"
},
{
"sha256": "f389099d7857ab5d8a87f8b21821724803b50fc5b382dcd92bbeb025a1e0c424",
"versions": [
"9.9.9"
],
"import_time": "2025-06-16T07:36:34.733077188Z",
"modified_time": "2025-06-12T01:20:49Z",
"source": "ossf-package-analysis"
},
{
"sha256": "9ebf76aa00e867610d92f878a90addb3aeafa0042e52aecd867234a5b12f1cfd",
"versions": [
"99.0.3"
],
"import_time": "2025-07-10T14:07:01.520400201Z",
"modified_time": "2025-07-10T14:05:49Z",
"source": "ossf-package-analysis"
}
]
}