MAL-2023-1343

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/webpack-dev-server.legacy/MAL-2023-1343.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2023-1343
Aliases
  • SNYK-JS-WEBPACKDEVSERVERLEGACY-3336043
Published
2023-05-01T23:42:55Z
Modified
2024-06-28T03:27:29.222560Z
Summary
Malicious code in webpack-dev-server.legacy (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (85cd0dbb01e0045658eb423c4580a09f07f36ce5af1689227f99e72348cda4a6)

The OpenSSF Package Analysis project identified 'webpack-dev-server.legacy' @ 1.0.0 (npm) as malicious.

It is considered malicious because: - The package communicates with a domain associated with malicious activity.

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "85cd0dbb01e0045658eb423c4580a09f07f36ce5af1689227f99e72348cda4a6",
            "import_time": "2023-08-10T06:15:30.459029748Z",
            "versions": [
                "1.0.0"
            ],
            "source": "ossf-package-analysis",
            "modified_time": "2023-05-01T23:42:55.576115005Z"
        },
        {
            "sha256": "d3a30e7ad2f8b6811bbb097dd30203ed7ba914edf2ef91a7fde5bb638f559355",
            "import_time": "2024-06-28T02:46:37.80686047Z",
            "versions": [
                "1.0.0"
            ],
            "id": "RLMA-2024-02719",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:21:43Z"
        }
    ]
}
References
Credits

Affected packages

npm / webpack-dev-server.legacy

Package

Name
webpack-dev-server.legacy
View open source insights on deps.dev
Purl
pkg:npm/webpack-dev-server.legacy

Affected ranges

Affected versions

1.*

1.0.0