mal-2026-459
Vulnerability from ossf_malicious_packages
Published
2026-01-22 09:55
Modified
2026-01-23 01:39
Summary
Malicious code in un112 (npm)
Details
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (c1521874d670863316d54ec7213c067617cac71476025f1e398ca9ea01fe1f71)
The package un112 was found to contain malicious code.
Source: ossf-package-analysis (cdd54832c7f264a3a18301f19d464ca271573a29173fe997e49e6c55b0ae1f87)
The OpenSSF Package Analysis project identified 'un112' @ 1.0.18 (npm) as malicious.
It is considered malicious because:
-
The package communicates with a domain associated with malicious activity.
-
The package executes one or more commands associated with malicious behavior.
Credits
Amazon Inspector
actran@amazon.com
OpenSSF: Package Analysis
github.com/ossf/package-analysis
openssf.slack.com/channels/package_analysis
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "un112"
},
"versions": [
"1.0.2",
"1.0.3",
"1.0.5",
"1.0.18",
"1.0.24",
"1.0.28",
"1.0.29",
"1.0.31",
"1.0.32",
"1.0.36",
"1.0.38"
]
}
],
"credits": [
{
"contact": [
"actran@amazon.com"
],
"name": "Amazon Inspector",
"type": "FINDER"
},
{
"contact": [
"https://github.com/ossf/package-analysis",
"https://openssf.slack.com/channels/package_analysis"
],
"name": "OpenSSF: Package Analysis",
"type": "FINDER"
}
],
"database_specific": {
"malicious-packages-origins": [
{
"import_time": "2026-01-22T10:09:38.522937302Z",
"modified_time": "2026-01-22T09:55:45Z",
"sha256": "0d1b233e9feeaa79bb424b05fb0a39efdae797415d415bc75e9567fd053a184d",
"source": "ossf-package-analysis",
"versions": [
"1.0.2"
]
},
{
"import_time": "2026-01-22T10:09:38.834367871Z",
"modified_time": "2026-01-22T10:06:18Z",
"sha256": "de4f2098967c4c1c29239308be090b1220a5a10885f19b72915d9b94e727b4d6",
"source": "ossf-package-analysis",
"versions": [
"1.0.3"
]
},
{
"import_time": "2026-01-22T10:44:23.474713406Z",
"modified_time": "2026-01-22T10:11:12Z",
"sha256": "6d80f3419e72882c2d5a2038684dd7b3b67612745a4f53a7c848d18a2025a185",
"source": "ossf-package-analysis",
"versions": [
"1.0.5"
]
},
{
"import_time": "2026-01-22T11:39:04.633126048Z",
"modified_time": "2026-01-22T11:21:00Z",
"sha256": "cdd54832c7f264a3a18301f19d464ca271573a29173fe997e49e6c55b0ae1f87",
"source": "ossf-package-analysis",
"versions": [
"1.0.18"
]
},
{
"import_time": "2026-01-22T12:48:35.482872258Z",
"modified_time": "2026-01-22T12:22:33Z",
"sha256": "74ab28da85fdb961668dc8fb0dc9b59ff55f60f2080e89923d78829b60ed1767",
"source": "ossf-package-analysis",
"versions": [
"1.0.24"
]
},
{
"import_time": "2026-01-22T13:21:49.574918229Z",
"modified_time": "2026-01-22T13:00:48Z",
"sha256": "8210776b11cfa28a05bb7b7d409975b8a0096cc7dc8ad0c00166b6c6e775693d",
"source": "ossf-package-analysis",
"versions": [
"1.0.28"
]
},
{
"import_time": "2026-01-22T13:21:49.444222201Z",
"modified_time": "2026-01-22T12:56:55Z",
"sha256": "897d49fb7ce4357ac242add413e4b7625b625e40ae915da7413b54d7939ac80c",
"source": "ossf-package-analysis",
"versions": [
"1.0.29"
]
},
{
"import_time": "2026-01-22T13:21:49.618649256Z",
"modified_time": "2026-01-22T13:16:03Z",
"sha256": "915a1220bd2a86659d450790a3c26e44e6bcab3f197ec6772ccf762bb8b4296c",
"source": "ossf-package-analysis",
"versions": [
"1.0.31"
]
},
{
"import_time": "2026-01-22T13:48:18.413302706Z",
"modified_time": "2026-01-22T13:25:40Z",
"sha256": "7607c1e2ae4e1e93a503caee44a0aa502b8502a54a0e6cd52aee82461c10a53f",
"source": "ossf-package-analysis",
"versions": [
"1.0.32"
]
},
{
"import_time": "2026-01-22T14:13:57.023842901Z",
"modified_time": "2026-01-22T14:05:57Z",
"sha256": "c231ba8cd4202c6577c503556079fffdac31fe3345fcdc07a84c21ba259b5cac",
"source": "ossf-package-analysis",
"versions": [
"1.0.36"
]
},
{
"import_time": "2026-01-22T14:45:17.679920762Z",
"modified_time": "2026-01-22T14:20:35Z",
"sha256": "b418440c4bb5a371f41df33488b81f4dc1f7e029364d18a5250e17f5c8bf9161",
"source": "ossf-package-analysis",
"versions": [
"1.0.38"
]
},
{
"import_time": "2026-01-23T01:36:40.288377385Z",
"modified_time": "2026-01-23T01:13:12Z",
"sha256": "c1521874d670863316d54ec7213c067617cac71476025f1e398ca9ea01fe1f71",
"source": "amazon-inspector",
"versions": [
"1.0.2",
"1.0.3",
"1.0.5",
"1.0.18",
"1.0.24",
"1.0.28",
"1.0.29",
"1.0.31",
"1.0.32",
"1.0.36",
"1.0.38"
]
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (c1521874d670863316d54ec7213c067617cac71476025f1e398ca9ea01fe1f71)\nThe package un112 was found to contain malicious code.\n\n## Source: ossf-package-analysis (cdd54832c7f264a3a18301f19d464ca271573a29173fe997e49e6c55b0ae1f87)\nThe OpenSSF Package Analysis project identified \u0027un112\u0027 @ 1.0.18 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n",
"id": "MAL-2026-459",
"modified": "2026-01-23T01:39:04Z",
"published": "2026-01-22T09:55:45Z",
"schema_version": "1.7.4",
"summary": "Malicious code in un112 (npm)"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…