MAL-2023-1305

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/stateful-fastclick/MAL-2023-1305.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2023-1305
Aliases
  • SNYK-JS-STATEFULFASTCLICK-3336024
Published
2023-05-01T14:11:34Z
Modified
2024-06-28T03:14:01.721840Z
Summary
Malicious code in stateful-fastclick (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (5a06e5b71a04fa67ca20937e8e438c638644db87d181799a046d22c568e6c4c5)

The OpenSSF Package Analysis project identified 'stateful-fastclick' @ 1.0.0 (npm) as malicious.

It is considered malicious because: - The package communicates with a domain associated with malicious activity.

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "5a06e5b71a04fa67ca20937e8e438c638644db87d181799a046d22c568e6c4c5",
            "import_time": "2023-08-10T06:15:29.671406644Z",
            "versions": [
                "1.0.0"
            ],
            "source": "ossf-package-analysis",
            "modified_time": "2023-05-01T14:11:34.868944925Z"
        },
        {
            "sha256": "e971e5df3209e798070a85f072f6268ab3dd9c912b2d87edc16c0ba49efccd20",
            "import_time": "2024-06-28T02:44:49.148459248Z",
            "versions": [
                "1.0.0"
            ],
            "id": "RLMA-2024-01789",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:02:04Z"
        }
    ]
}
References
Credits

Affected packages

npm / stateful-fastclick

Package

Affected ranges

Affected versions

1.*

1.0.0