MAL-2024-3976

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/yasap-bump/MAL-2024-3976.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2024-3976
Aliases
  • SNYK-JS-YASAPBUMP-3326393
Published
2024-06-25T13:22:36Z
Modified
2024-10-24T01:01:57Z
Summary
Malicious code in yasap-bump (npm)
Details

-= Per source details. Do not edit below this line.=-

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "39be4ceb9e2c2f9a8cc875b5cc551a660770eed3907071e58ee53a118374b142",
            "import_time": "2024-06-28T02:46:42.051922628Z",
            "versions": [
                "1.3.17",
                "1.0.10",
                "1.0.9",
                "3.1.37"
            ],
            "id": "RLMA-2024-02753",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:22:36Z"
        },
        {
            "sha256": "eb50e399a1231a2b3c42650cdf28a2e5b8bfb085b86d408ba53ec142832c4f77",
            "import_time": "2024-10-24T00:58:34.410722597Z",
            "id": "RLUA-2024-07608",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T13:46:38Z"
        }
    ]
}
References
Credits

Affected packages

npm / yasap-bump

Package

Affected ranges

Affected versions

1.*

1.0.9
1.0.10
1.3.17

3.*

3.1.37