MAL-2024-8834

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/iojds/MAL-2024-8834.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2024-8834
Published
2024-09-07T18:08:03Z
Modified
2024-10-24T01:01:56Z
Summary
Malicious code in iojds (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (c829100704731a4406f783062c0ccf13e42c91dcf3284731aa1d272a93fe8d0f)

The OpenSSF Package Analysis project identified 'iojds' @ 9.0.0 (npm) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.
Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "c829100704731a4406f783062c0ccf13e42c91dcf3284731aa1d272a93fe8d0f",
            "import_time": "2024-09-07T18:36:22.67044221Z",
            "versions": [
                "9.0.0"
            ],
            "source": "ossf-package-analysis",
            "modified_time": "2024-09-07T18:08:03Z"
        },
        {
            "sha256": "8ca27c5978bfbdf772e7259de3712d09fc7d01cfd27ed76cda723307bf66fea7",
            "import_time": "2024-10-24T00:56:28.567457502Z",
            "versions": [
                "9.0.0"
            ],
            "id": "RLMA-2024-06753",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T12:59:04Z"
        }
    ]
}
References
Credits

Affected packages

npm / iojds

Package

Affected ranges

Affected versions

9.*

9.0.0