MAL-2023-1280

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/react-green-ui/MAL-2023-1280.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2023-1280
Published
2023-07-04T09:11:04Z
Modified
2024-06-28T02:53:17Z
Summary
Malicious code in react-green-ui (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (3109c997fe1ab2888814f3679bf903a97bce7112d5921a921ae0aea7d787fe3d)

The OpenSSF Package Analysis project identified 'react-green-ui' @ 10.0.49 (npm) as malicious.

It is considered malicious because: - The package executes one or more commands associated with malicious behavior.

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "3109c997fe1ab2888814f3679bf903a97bce7112d5921a921ae0aea7d787fe3d",
            "import_time": "2023-08-10T06:17:30.807106386Z",
            "versions": [
                "10.0.49"
            ],
            "source": "ossf-package-analysis",
            "modified_time": "2023-07-04T09:11:04.120121979Z"
        },
        {
            "sha256": "18ae45f01ce1ccc12181ea719b3f9a3f88d837205659a10887b8ceaf75216586",
            "import_time": "2024-06-28T02:44:32.502961912Z",
            "versions": [
                "10.0.1",
                "0.0.1",
                "10.0.49"
            ],
            "id": "RLMA-2024-01647",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T12:57:34Z"
        }
    ]
}
References
Credits

Affected packages

npm / react-green-ui

Package

Affected ranges

Affected versions

0.*

0.0.1

10.*

10.0.1
10.0.49