ossf_malicious_packages - mal-2024-11127

mal-2024-11127

Vulnerability from ossf_malicious_packages

Malicious code in o-table (npm)

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (74bc5048fb21f496bad53a05dea80054544d296f7a86832b46cfe4b8d5242fea)

The OpenSSF Package Analysis project identified 'o-table' @ 10.10.28 (npm) as malicious.

It is considered malicious because:

The package communicates with a domain associated with malicious activity.

JSON

To clipboard

{
   affected: [
      {
         package: {
            ecosystem: "npm",
            name: "o-table",
         },
         versions: [
            "10.10.28",
            "10.11.10",
            "10.11.12",
         ],
      },
   ],
   credits: [
      {
         contact: [
            "https://github.com/ossf/package-analysis",
            "https://openssf.slack.com/channels/package_analysis",
         ],
         name: "OpenSSF: Package Analysis",
         type: "FINDER",
      },
   ],
   database_specific: {
      "malicious-packages-origins": [
         {
            import_time: "2024-11-29T22:36:38.763827426Z",
            modified_time: "2024-11-29T22:16:11Z",
            sha256: "74bc5048fb21f496bad53a05dea80054544d296f7a86832b46cfe4b8d5242fea",
            source: "ossf-package-analysis",
            versions: [
               "10.10.28",
            ],
         },
         {
            import_time: "2024-11-30T09:05:21.422978616Z",
            modified_time: "2024-11-30T09:04:35Z",
            sha256: "3ed38701d730c9d38c311f102868197b91006f9204178bff2c8949c2f32aff4f",
            source: "ossf-package-analysis",
            versions: [
               "10.11.10",
            ],
         },
         {
            import_time: "2024-11-30T12:45:46.880012624Z",
            modified_time: "2024-11-30T12:18:32Z",
            sha256: "35aea094fa1f8882e313cbf55e136abe2e10f657bf5ac5b54eff69380bf9ce64",
            source: "ossf-package-analysis",
            versions: [
               "10.11.12",
            ],
         },
      ],
   },
   details: "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (74bc5048fb21f496bad53a05dea80054544d296f7a86832b46cfe4b8d5242fea)\nThe OpenSSF Package Analysis project identified 'o-table' @ 10.10.28 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
   id: "MAL-2024-11127",
   modified: "2024-11-30T12:46:16Z",
   published: "2024-11-29T22:16:11Z",
   schema_version: "1.5.0",
   summary: "Malicious code in o-table (npm)",
}

mal-2024-11127

Vulnerability from ossf_malicious_packages

Source: ossf-package-analysis (74bc5048fb21f496bad53a05dea80054544d296f7a86832b46cfe4b8d5242fea)

Tags

Sightings

Nomenclature

Action not permitted

mal-2024-11127

Vulnerability from ossf_malicious_packages

Source: ossf-package-analysis (74bc5048fb21f496bad53a05dea80054544d296f7a86832b46cfe4b8d5242fea)

Tags

Sightings

Nomenclature