Lucene search
GoogleOSV:MAL-2024-1619HistoryJun 17, 2024 - 3:46 p.m.
Malicious code in dc-test1-asdf (npm)
2024-06-1715:46:01
Google
osv.dev
malicious code
dc-test1-asdf
npm
package analysis
domain
malicious activity
7.3 High
AI Score
Confidence
High
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (04026ef40e4abce9afd70341d1bbb7d8907a917e7a6bd0fd6b7ffb15623a30c0)
The OpenSSF Package Analysis project identified ‘dc-test1-asdf’ @ 1.0.1 (npm) as malicious.
It is considered malicious because:
-
The package communicates with a domain associated with malicious activity.
-
The package executes one or more commands associated with malicious behavior.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dc-test1-asdf | eq | 1.0.4 | |
| dc-test1-asdf | eq | 1.0.1 | |
| dc-test1-asdf | eq | 1.0.7 | |
| dc-test1-asdf | eq | 1.0.2 |
7.3 High
AI Score
Confidence
High