diff --git a/osv/malicious/npm/@amagioss/js-timecode/MAL-0000-ghsa-malware-5cd0e634cb711f3c.json b/osv/malicious/npm/@amagioss/js-timecode/MAL-0000-ghsa-malware-5cd0e634cb711f3c.json new file mode 100644 index 0000000000..d04838364b --- /dev/null +++ b/osv/malicious/npm/@amagioss/js-timecode/MAL-0000-ghsa-malware-5cd0e634cb711f3c.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:57:57Z", + "published": "2024-11-25T01:57:56Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-24cg-3c27-fgfx" + ], + "summary": "Malware in @amagioss/js-timecode", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "@amagioss/js-timecode" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-24cg-3c27-fgfx" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-24cg-3c27-fgfx" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "5cd0e634cb711f3c81ba053e00875d83653e7f7f70757ace4e3234b538bc5c88", + "import_time": "2024-11-26T00:34:04.448148431Z", + "id": "GHSA-24cg-3c27-fgfx", + "modified_time": "2024-11-25T01:57:57Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/alif-media-downloader/MAL-0000-ghsa-malware-09c054a9fdb7c2b2.json b/osv/malicious/npm/alif-media-downloader/MAL-0000-ghsa-malware-09c054a9fdb7c2b2.json new file mode 100644 index 0000000000..3bdb1a64c3 --- /dev/null +++ b/osv/malicious/npm/alif-media-downloader/MAL-0000-ghsa-malware-09c054a9fdb7c2b2.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:22:33Z", + "published": "2024-11-25T01:22:33Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-4mq6-f78c-324j" + ], + "summary": "Malware in alif-media-downloader", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "alif-media-downloader" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-4mq6-f78c-324j" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-4mq6-f78c-324j" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "09c054a9fdb7c2b20ed0b7838086b67063d75062d681e05edfeb1c377ea19a67", + "import_time": "2024-11-26T00:34:04.453567866Z", + "id": "GHSA-4mq6-f78c-324j", + "modified_time": "2024-11-25T01:22:33Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/bcoi/MAL-0000-ghsa-malware-81f8b3904e1fbb29.json b/osv/malicious/npm/bcoi/MAL-0000-ghsa-malware-81f8b3904e1fbb29.json new file mode 100644 index 0000000000..1995e0d651 --- /dev/null +++ b/osv/malicious/npm/bcoi/MAL-0000-ghsa-malware-81f8b3904e1fbb29.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T03:20:24Z", + "published": "2024-11-25T03:20:24Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-5xpr-p7qc-2f8w" + ], + "summary": "Malware in bcoi", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "bcoi" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-5xpr-p7qc-2f8w" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-5xpr-p7qc-2f8w" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "81f8b3904e1fbb296966df640e4cf438e617ed0abae2e9fe08cc2423c249d233", + "import_time": "2024-11-26T00:34:04.455296585Z", + "id": "GHSA-5xpr-p7qc-2f8w", + "modified_time": "2024-11-25T03:20:24Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/bignum.js/MAL-0000-ghsa-malware-9cae8d88da855b7f.json b/osv/malicious/npm/bignum.js/MAL-0000-ghsa-malware-9cae8d88da855b7f.json new file mode 100644 index 0000000000..7d2fd41742 --- /dev/null +++ b/osv/malicious/npm/bignum.js/MAL-0000-ghsa-malware-9cae8d88da855b7f.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:58:32Z", + "published": "2024-11-25T01:58:31Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-3gx9-f6rg-69qf" + ], + "summary": "Malware in bignum.js", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "bignum.js" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-3gx9-f6rg-69qf" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-3gx9-f6rg-69qf" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "9cae8d88da855b7f1d0c7666e2d5ae9cb3e0ef71c476cedabfdd84863420c452", + "import_time": "2024-11-26T00:34:04.451142292Z", + "id": "GHSA-3gx9-f6rg-69qf", + "modified_time": "2024-11-25T01:58:32Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/bigumner-js/MAL-0000-ghsa-malware-8a0ecfa30eaa3a6f.json b/osv/malicious/npm/bigumner-js/MAL-0000-ghsa-malware-8a0ecfa30eaa3a6f.json new file mode 100644 index 0000000000..fa73432913 --- /dev/null +++ b/osv/malicious/npm/bigumner-js/MAL-0000-ghsa-malware-8a0ecfa30eaa3a6f.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:59:24Z", + "published": "2024-11-25T01:59:24Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-4jj5-cgp8-xgf4" + ], + "summary": "Malware in bigumner-js", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "bigumner-js" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-4jj5-cgp8-xgf4" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-4jj5-cgp8-xgf4" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "8a0ecfa30eaa3a6f615e3a69a8c0fa4b182d52f6632dd44848e5fff7acbdb5ae", + "import_time": "2024-11-26T00:34:04.452783226Z", + "id": "GHSA-4jj5-cgp8-xgf4", + "modified_time": "2024-11-25T01:59:24Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/clement-malicious-npm-package-1/MAL-0000-ghsa-malware-4d9e98897d5870d3.json b/osv/malicious/npm/clement-malicious-npm-package-1/MAL-0000-ghsa-malware-4d9e98897d5870d3.json new file mode 100644 index 0000000000..606a460b6a --- /dev/null +++ b/osv/malicious/npm/clement-malicious-npm-package-1/MAL-0000-ghsa-malware-4d9e98897d5870d3.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:54:42Z", + "published": "2024-11-25T23:54:41Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-vpxh-g7vp-33x3" + ], + "summary": "Malware in clement-malicious-npm-package-1", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "clement-malicious-npm-package-1" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-vpxh-g7vp-33x3" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-vpxh-g7vp-33x3" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "4d9e98897d5870d3d52c1ba33f179ba6ef1b3329f46888535d674feda935d87c", + "import_time": "2024-11-26T00:34:04.477670222Z", + "id": "GHSA-vpxh-g7vp-33x3", + "modified_time": "2024-11-25T23:54:42Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/conibase/MAL-0000-ghsa-malware-e70af172c9db7c19.json b/osv/malicious/npm/conibase/MAL-0000-ghsa-malware-e70af172c9db7c19.json new file mode 100644 index 0000000000..8b62519dd7 --- /dev/null +++ b/osv/malicious/npm/conibase/MAL-0000-ghsa-malware-e70af172c9db7c19.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T03:21:00Z", + "published": "2024-11-25T03:21:00Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-67j2-mxw7-f27x" + ], + "summary": "Malware in conibase", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "conibase" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-67j2-mxw7-f27x" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-67j2-mxw7-f27x" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "e70af172c9db7c1934d326429c7bc63ed721d3934ada0d8197542fb231535fec", + "import_time": "2024-11-26T00:34:04.456225529Z", + "id": "GHSA-67j2-mxw7-f27x", + "modified_time": "2024-11-25T03:21:00Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/crypto-puch/MAL-0000-ghsa-malware-ac46e66a58a4b83f.json b/osv/malicious/npm/crypto-puch/MAL-0000-ghsa-malware-ac46e66a58a4b83f.json new file mode 100644 index 0000000000..48aead11c1 --- /dev/null +++ b/osv/malicious/npm/crypto-puch/MAL-0000-ghsa-malware-ac46e66a58a4b83f.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T03:21:35Z", + "published": "2024-11-25T03:21:34Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-rg6q-4pvp-8w85" + ], + "summary": "Malware in crypto-puch", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "crypto-puch" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-rg6q-4pvp-8w85" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-rg6q-4pvp-8w85" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "ac46e66a58a4b83fff27b66b7372f575870fe1abb4ae286e8e1c46ba2109af19", + "import_time": "2024-11-26T00:34:04.474179952Z", + "id": "GHSA-rg6q-4pvp-8w85", + "modified_time": "2024-11-25T03:21:35Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/delta-downloader/MAL-0000-ghsa-malware-b7d26055bd3522d0.json b/osv/malicious/npm/delta-downloader/MAL-0000-ghsa-malware-b7d26055bd3522d0.json new file mode 100644 index 0000000000..aad290f66d --- /dev/null +++ b/osv/malicious/npm/delta-downloader/MAL-0000-ghsa-malware-b7d26055bd3522d0.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:29:45Z", + "published": "2024-11-25T01:29:45Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-2jg5-mhjw-vmrg" + ], + "summary": "Malware in delta-downloader", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "delta-downloader" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-2jg5-mhjw-vmrg" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-2jg5-mhjw-vmrg" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "b7d26055bd3522d0ee0e99be091c1c9091ebc165f47a807c39261ddbac77ad67", + "import_time": "2024-11-26T00:34:04.449304528Z", + "id": "GHSA-2jg5-mhjw-vmrg", + "modified_time": "2024-11-25T01:29:45Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/delta-test/MAL-0000-ghsa-malware-4a63f8d77e78e8b2.json b/osv/malicious/npm/delta-test/MAL-0000-ghsa-malware-4a63f8d77e78e8b2.json new file mode 100644 index 0000000000..00f369af56 --- /dev/null +++ b/osv/malicious/npm/delta-test/MAL-0000-ghsa-malware-4a63f8d77e78e8b2.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:29:46Z", + "published": "2024-11-25T01:29:45Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-vh5v-j9jq-739f" + ], + "summary": "Malware in delta-test", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "delta-test" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-vh5v-j9jq-739f" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-vh5v-j9jq-739f" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "4a63f8d77e78e8b2cbc3bc3bfa80ee50373c5e9eb8cd9962c51a4a0ebec4b7cd", + "import_time": "2024-11-26T00:34:04.476824597Z", + "id": "GHSA-vh5v-j9jq-739f", + "modified_time": "2024-11-25T01:29:46Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/dl-testes/MAL-0000-ghsa-malware-d95a4eec24de9c1f.json b/osv/malicious/npm/dl-testes/MAL-0000-ghsa-malware-d95a4eec24de9c1f.json new file mode 100644 index 0000000000..f1879aa34e --- /dev/null +++ b/osv/malicious/npm/dl-testes/MAL-0000-ghsa-malware-d95a4eec24de9c1f.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:29:45Z", + "published": "2024-11-25T01:29:45Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-343c-w3cx-jvwp" + ], + "summary": "Malware in dl-testes", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "dl-testes" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-343c-w3cx-jvwp" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-343c-w3cx-jvwp" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "d95a4eec24de9c1fcd629f451e4b7a7d855ef958422cf70011bef25928bb7ab1", + "import_time": "2024-11-26T00:34:04.450305263Z", + "id": "GHSA-343c-w3cx-jvwp", + "modified_time": "2024-11-25T01:29:45Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/elctrum/MAL-0000-ghsa-malware-b89cc35724289a42.json b/osv/malicious/npm/elctrum/MAL-0000-ghsa-malware-b89cc35724289a42.json new file mode 100644 index 0000000000..f040513167 --- /dev/null +++ b/osv/malicious/npm/elctrum/MAL-0000-ghsa-malware-b89cc35724289a42.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:41:24Z", + "published": "2024-11-25T23:41:23Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-fqwg-c72c-8g8c" + ], + "summary": "Malware in elctrum", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "elctrum" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-fqwg-c72c-8g8c" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-fqwg-c72c-8g8c" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "b89cc35724289a4220143414f7f4b8376381586c8a99e0bbf32b981c6403e048", + "import_time": "2024-11-26T00:34:04.463436271Z", + "id": "GHSA-fqwg-c72c-8g8c", + "modified_time": "2024-11-25T23:41:24Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/electurm/MAL-0000-ghsa-malware-efaea8e17d6dafe5.json b/osv/malicious/npm/electurm/MAL-0000-ghsa-malware-efaea8e17d6dafe5.json new file mode 100644 index 0000000000..4ba8981332 --- /dev/null +++ b/osv/malicious/npm/electurm/MAL-0000-ghsa-malware-efaea8e17d6dafe5.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:41:59Z", + "published": "2024-11-25T23:41:59Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-cj9v-q749-v3wh" + ], + "summary": "Malware in electurm", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "electurm" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-cj9v-q749-v3wh" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-cj9v-q749-v3wh" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "efaea8e17d6dafe53e1047516e2be119bfd7d216f4d572a6de16d7bc1b164861", + "import_time": "2024-11-26T00:34:04.46171207Z", + "id": "GHSA-cj9v-q749-v3wh", + "modified_time": "2024-11-25T23:41:59Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/eslint-config-video-supply/MAL-0000-ghsa-malware-6db930f36eaed1e2.json b/osv/malicious/npm/eslint-config-video-supply/MAL-0000-ghsa-malware-6db930f36eaed1e2.json new file mode 100644 index 0000000000..e00a4a6b4d --- /dev/null +++ b/osv/malicious/npm/eslint-config-video-supply/MAL-0000-ghsa-malware-6db930f36eaed1e2.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:44:05Z", + "published": "2024-11-25T23:44:04Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-rx4c-jg5w-2c7x" + ], + "summary": "Malware in eslint-config-video-supply", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "eslint-config-video-supply" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-rx4c-jg5w-2c7x" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-rx4c-jg5w-2c7x" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "6db930f36eaed1e211ff3c4bfe705bc87e6f2b573fda13ca25fc657118d8d3b1", + "import_time": "2024-11-26T00:34:04.475068036Z", + "id": "GHSA-rx4c-jg5w-2c7x", + "modified_time": "2024-11-25T23:44:05Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/etcrypto/MAL-0000-ghsa-malware-9410e032af5229ba.json b/osv/malicious/npm/etcrypto/MAL-0000-ghsa-malware-9410e032af5229ba.json new file mode 100644 index 0000000000..6f94c02387 --- /dev/null +++ b/osv/malicious/npm/etcrypto/MAL-0000-ghsa-malware-9410e032af5229ba.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T02:00:17Z", + "published": "2024-11-25T02:00:17Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-vv4j-82xw-324m" + ], + "summary": "Malware in etcrypto", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "etcrypto" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-vv4j-82xw-324m" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-vv4j-82xw-324m" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "9410e032af5229bae6014110f1377f55bda88e5c7ac484772470b1f8aec94840", + "import_time": "2024-11-26T00:34:04.478550832Z", + "id": "GHSA-vv4j-82xw-324m", + "modified_time": "2024-11-25T02:00:17Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/eth-crpto/MAL-0000-ghsa-malware-39a8ec071ac26f1f.json b/osv/malicious/npm/eth-crpto/MAL-0000-ghsa-malware-39a8ec071ac26f1f.json new file mode 100644 index 0000000000..45eb5001fa --- /dev/null +++ b/osv/malicious/npm/eth-crpto/MAL-0000-ghsa-malware-39a8ec071ac26f1f.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T02:01:12Z", + "published": "2024-11-25T02:01:12Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-4x7w-rrjf-g5rr" + ], + "summary": "Malware in eth-crpto", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "eth-crpto" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-4x7w-rrjf-g5rr" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-4x7w-rrjf-g5rr" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "39a8ec071ac26f1f07a77c2de3dcff7672716e7339455c06896de0d1b7e905bc", + "import_time": "2024-11-26T00:34:04.454432907Z", + "id": "GHSA-4x7w-rrjf-g5rr", + "modified_time": "2024-11-25T02:01:12Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/ethcrypro/MAL-0000-ghsa-malware-ba9c04349ef6d369.json b/osv/malicious/npm/ethcrypro/MAL-0000-ghsa-malware-ba9c04349ef6d369.json new file mode 100644 index 0000000000..4a4dd1b274 --- /dev/null +++ b/osv/malicious/npm/ethcrypro/MAL-0000-ghsa-malware-ba9c04349ef6d369.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T02:02:04Z", + "published": "2024-11-25T02:02:03Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-x8pc-3hrw-8p3w" + ], + "summary": "Malware in ethcrypro", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "ethcrypro" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-x8pc-3hrw-8p3w" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-x8pc-3hrw-8p3w" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "ba9c04349ef6d36952c840a64414c794718cfd5fddd4f2c21355423bd6d36f63", + "import_time": "2024-11-26T00:34:04.482492247Z", + "id": "GHSA-x8pc-3hrw-8p3w", + "modified_time": "2024-11-25T02:02:04Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/ethquer/MAL-0000-ghsa-malware-be4a01e346216859.json b/osv/malicious/npm/ethquer/MAL-0000-ghsa-malware-be4a01e346216859.json new file mode 100644 index 0000000000..5abaa31dbf --- /dev/null +++ b/osv/malicious/npm/ethquer/MAL-0000-ghsa-malware-be4a01e346216859.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T02:03:15Z", + "published": "2024-11-25T02:03:15Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-qv48-75w7-vx48" + ], + "summary": "Malware in ethquer", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "ethquer" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-qv48-75w7-vx48" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-qv48-75w7-vx48" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "be4a01e346216859009cd2d1c19373f6df3236bbb32c0b1c98b46bbd3e1a4d6d", + "import_time": "2024-11-26T00:34:04.472180115Z", + "id": "GHSA-qv48-75w7-vx48", + "modified_time": "2024-11-25T02:03:15Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/ethtok/MAL-0000-ghsa-malware-0b0f832fd0cdd6a5.json b/osv/malicious/npm/ethtok/MAL-0000-ghsa-malware-0b0f832fd0cdd6a5.json new file mode 100644 index 0000000000..2d9e392e29 --- /dev/null +++ b/osv/malicious/npm/ethtok/MAL-0000-ghsa-malware-0b0f832fd0cdd6a5.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T02:04:44Z", + "published": "2024-11-25T02:04:44Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-gmh6-85c7-q223" + ], + "summary": "Malware in ethtok", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "ethtok" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-gmh6-85c7-q223" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-gmh6-85c7-q223" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "0b0f832fd0cdd6a58d023c764a4c24d072b82b8a5a16a069df3f271dd51ace5d", + "import_time": "2024-11-26T00:34:04.464373353Z", + "id": "GHSA-gmh6-85c7-q223", + "modified_time": "2024-11-25T02:04:44Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/fixsolara/MAL-0000-ghsa-malware-72f721f96c41e95f.json b/osv/malicious/npm/fixsolara/MAL-0000-ghsa-malware-72f721f96c41e95f.json new file mode 100644 index 0000000000..9ce53d0ebf --- /dev/null +++ b/osv/malicious/npm/fixsolara/MAL-0000-ghsa-malware-72f721f96c41e95f.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:03:02Z", + "published": "2024-11-25T01:03:02Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-xg8h-2r3g-76qm" + ], + "summary": "Malware in fixsolara", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "fixsolara" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-xg8h-2r3g-76qm" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-xg8h-2r3g-76qm" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "72f721f96c41e95f79c4f9d2a12a8d040ae4c360e5d8e429d2ef42be2878121c", + "import_time": "2024-11-26T00:34:04.48336871Z", + "id": "GHSA-xg8h-2r3g-76qm", + "modified_time": "2024-11-25T01:03:02Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/imon-media-downloader/MAL-0000-ghsa-malware-e3e79b6d6a40bed6.json b/osv/malicious/npm/imon-media-downloader/MAL-0000-ghsa-malware-e3e79b6d6a40bed6.json new file mode 100644 index 0000000000..975d5bbf43 --- /dev/null +++ b/osv/malicious/npm/imon-media-downloader/MAL-0000-ghsa-malware-e3e79b6d6a40bed6.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:32:45Z", + "published": "2024-11-25T01:32:44Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-mmxr-mcg4-64r8" + ], + "summary": "Malware in imon-media-downloader", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "imon-media-downloader" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-mmxr-mcg4-64r8" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-mmxr-mcg4-64r8" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "e3e79b6d6a40bed6caf15c5c2efc6da41d06f25fb082db4b3d3964112a091874", + "import_time": "2024-11-26T00:34:04.466705403Z", + "id": "GHSA-mmxr-mcg4-64r8", + "modified_time": "2024-11-25T01:32:45Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/ksjdksdks/MAL-0000-ghsa-malware-bdc464c0b4e7ec30.json b/osv/malicious/npm/ksjdksdks/MAL-0000-ghsa-malware-bdc464c0b4e7ec30.json new file mode 100644 index 0000000000..89f9a83872 --- /dev/null +++ b/osv/malicious/npm/ksjdksdks/MAL-0000-ghsa-malware-bdc464c0b4e7ec30.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:44:04Z", + "published": "2024-11-25T23:44:04Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-q8h4-rr8h-hjcf" + ], + "summary": "Malware in ksjdksdks", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "ksjdksdks" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-q8h4-rr8h-hjcf" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-q8h4-rr8h-hjcf" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "bdc464c0b4e7ec30e692ea205570904d5127198c99ea874992e6a163bac99a6b", + "import_time": "2024-11-26T00:34:04.470369519Z", + "id": "GHSA-q8h4-rr8h-hjcf", + "modified_time": "2024-11-25T23:44:04Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/libbtc/MAL-0000-ghsa-malware-8ad6682853bd3d82.json b/osv/malicious/npm/libbtc/MAL-0000-ghsa-malware-8ad6682853bd3d82.json new file mode 100644 index 0000000000..65b554999a --- /dev/null +++ b/osv/malicious/npm/libbtc/MAL-0000-ghsa-malware-8ad6682853bd3d82.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:44:40Z", + "published": "2024-11-25T23:44:40Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-4989-2j3m-p99q" + ], + "summary": "Malware in libbtc", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "libbtc" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-4989-2j3m-p99q" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-4989-2j3m-p99q" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "8ad6682853bd3d827bba5a417c63dbee66ced6c6e1665a7b20649c092a4d17ce", + "import_time": "2024-11-26T00:34:04.45192092Z", + "id": "GHSA-4989-2j3m-p99q", + "modified_time": "2024-11-25T23:44:40Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/litcore/MAL-0000-ghsa-malware-8432039f3deac7c4.json b/osv/malicious/npm/litcore/MAL-0000-ghsa-malware-8432039f3deac7c4.json new file mode 100644 index 0000000000..5873902faf --- /dev/null +++ b/osv/malicious/npm/litcore/MAL-0000-ghsa-malware-8432039f3deac7c4.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:45:15Z", + "published": "2024-11-25T23:45:15Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-8778-mfxm-6fj8" + ], + "summary": "Malware in litcore", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "litcore" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-8778-mfxm-6fj8" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-8778-mfxm-6fj8" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "8432039f3deac7c4363e31d017c7298863d38aad4f91b98e48f6130325379f8f", + "import_time": "2024-11-26T00:34:04.459109493Z", + "id": "GHSA-8778-mfxm-6fj8", + "modified_time": "2024-11-25T23:45:15Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/lito-core-lib/MAL-0000-ghsa-malware-a6cf4549a9eb56f5.json b/osv/malicious/npm/lito-core-lib/MAL-0000-ghsa-malware-a6cf4549a9eb56f5.json new file mode 100644 index 0000000000..de0f67cdfe --- /dev/null +++ b/osv/malicious/npm/lito-core-lib/MAL-0000-ghsa-malware-a6cf4549a9eb56f5.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:45:51Z", + "published": "2024-11-25T23:45:50Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-mxfh-gpqh-6vc6" + ], + "summary": "Malware in lito-core-lib", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "lito-core-lib" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-mxfh-gpqh-6vc6" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-mxfh-gpqh-6vc6" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "a6cf4549a9eb56f566a4f9b2f25568406b0ba7ed7d72c19ef13a615c6c0cdffa", + "import_time": "2024-11-26T00:34:04.468347363Z", + "id": "GHSA-mxfh-gpqh-6vc6", + "modified_time": "2024-11-25T23:45:51Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/neextjs/MAL-0000-ghsa-malware-8aa353c92b36b03d.json b/osv/malicious/npm/neextjs/MAL-0000-ghsa-malware-8aa353c92b36b03d.json new file mode 100644 index 0000000000..38decbbb12 --- /dev/null +++ b/osv/malicious/npm/neextjs/MAL-0000-ghsa-malware-8aa353c92b36b03d.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:46:26Z", + "published": "2024-11-25T23:46:25Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-hcrw-2w8r-9jrf" + ], + "summary": "Malware in neextjs", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "neextjs" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-hcrw-2w8r-9jrf" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-hcrw-2w8r-9jrf" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "8aa353c92b36b03dd6bee3609d2fc838267b743c206a7e8152ee471fc7589093", + "import_time": "2024-11-26T00:34:04.465899523Z", + "id": "GHSA-hcrw-2w8r-9jrf", + "modified_time": "2024-11-25T23:46:26Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/nodmailr/MAL-0000-ghsa-malware-f4a73b390f880a25.json b/osv/malicious/npm/nodmailr/MAL-0000-ghsa-malware-f4a73b390f880a25.json new file mode 100644 index 0000000000..1225e02a5e --- /dev/null +++ b/osv/malicious/npm/nodmailr/MAL-0000-ghsa-malware-f4a73b390f880a25.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:47:01Z", + "published": "2024-11-25T23:47:01Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-gxcr-c958-q23h" + ], + "summary": "Malware in nodmailr", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "nodmailr" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-gxcr-c958-q23h" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-gxcr-c958-q23h" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "f4a73b390f880a25ecf0be91a25ddd74d3be1e547fa50748488982382aca6486", + "import_time": "2024-11-26T00:34:04.465158384Z", + "id": "GHSA-gxcr-c958-q23h", + "modified_time": "2024-11-25T23:47:01Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/nodmialer/MAL-0000-ghsa-malware-f517fd7c243bbf2e.json b/osv/malicious/npm/nodmialer/MAL-0000-ghsa-malware-f517fd7c243bbf2e.json new file mode 100644 index 0000000000..7717ce87df --- /dev/null +++ b/osv/malicious/npm/nodmialer/MAL-0000-ghsa-malware-f517fd7c243bbf2e.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:47:52Z", + "published": "2024-11-25T23:47:52Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-r3pv-4wg2-rfvv" + ], + "summary": "Malware in nodmialer", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "nodmialer" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-r3pv-4wg2-rfvv" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-r3pv-4wg2-rfvv" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "f517fd7c243bbf2ebdbc660388ec85202c4ea31c094bc01cbb8b5ff4c0c7388f", + "import_time": "2024-11-26T00:34:04.473218621Z", + "id": "GHSA-r3pv-4wg2-rfvv", + "modified_time": "2024-11-25T23:47:52Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/rana-media-downloader/MAL-0000-ghsa-malware-f1bae57a99608bfd.json b/osv/malicious/npm/rana-media-downloader/MAL-0000-ghsa-malware-f1bae57a99608bfd.json new file mode 100644 index 0000000000..9f74702949 --- /dev/null +++ b/osv/malicious/npm/rana-media-downloader/MAL-0000-ghsa-malware-f1bae57a99608bfd.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:34:31Z", + "published": "2024-11-25T01:34:31Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-wvv4-6842-mwgj" + ], + "summary": "Malware in rana-media-downloader", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "rana-media-downloader" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-wvv4-6842-mwgj" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-wvv4-6842-mwgj" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "f1bae57a99608bfda37ef9693c4945c31163d00df2027fe8558eac88c3320ecb", + "import_time": "2024-11-26T00:34:04.479638731Z", + "id": "GHSA-wvv4-6842-mwgj", + "modified_time": "2024-11-25T01:34:31Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/rootkitfix/MAL-0000-ghsa-malware-3f464c06e5146e96.json b/osv/malicious/npm/rootkitfix/MAL-0000-ghsa-malware-3f464c06e5146e96.json new file mode 100644 index 0000000000..82e371a500 --- /dev/null +++ b/osv/malicious/npm/rootkitfix/MAL-0000-ghsa-malware-3f464c06e5146e96.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:03:02Z", + "published": "2024-11-25T01:03:01Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-v8j9-xxvw-3p4g" + ], + "summary": "Malware in rootkitfix", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "rootkitfix" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-v8j9-xxvw-3p4g" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-v8j9-xxvw-3p4g" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "3f464c06e5146e96a9feed234e30390194912e24838433cad3daab70ecb350b2", + "import_time": "2024-11-26T00:34:04.476059994Z", + "id": "GHSA-v8j9-xxvw-3p4g", + "modified_time": "2024-11-25T01:03:02Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/solarafix/MAL-0000-ghsa-malware-3903c6aeaa4d35f7.json b/osv/malicious/npm/solarafix/MAL-0000-ghsa-malware-3903c6aeaa4d35f7.json new file mode 100644 index 0000000000..baa1a99833 --- /dev/null +++ b/osv/malicious/npm/solarafix/MAL-0000-ghsa-malware-3903c6aeaa4d35f7.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T01:03:02Z", + "published": "2024-11-25T01:03:01Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-8f5v-48wv-p5f3" + ], + "summary": "Malware in solarafix", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "solarafix" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-8f5v-48wv-p5f3" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-8f5v-48wv-p5f3" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "3903c6aeaa4d35f7f601837d1c232e25462dcc8d210e811feca02652c348e08d", + "import_time": "2024-11-26T00:34:04.460087686Z", + "id": "GHSA-8f5v-48wv-p5f3", + "modified_time": "2024-11-25T01:03:02Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/tehter/MAL-0000-ghsa-malware-a9947da85637a8b6.json b/osv/malicious/npm/tehter/MAL-0000-ghsa-malware-a9947da85637a8b6.json new file mode 100644 index 0000000000..9429aa07e5 --- /dev/null +++ b/osv/malicious/npm/tehter/MAL-0000-ghsa-malware-a9947da85637a8b6.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:49:21Z", + "published": "2024-11-25T23:49:21Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-fpjm-p8cg-f23w" + ], + "summary": "Malware in tehter", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "tehter" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-fpjm-p8cg-f23w" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-fpjm-p8cg-f23w" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "a9947da85637a8b657c770fb0b61ce650c78b0683fab7f45fe3c41a9c26ca6fc", + "import_time": "2024-11-26T00:34:04.462497081Z", + "id": "GHSA-fpjm-p8cg-f23w", + "modified_time": "2024-11-25T23:49:21Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/testsdsdsdsd/MAL-0000-ghsa-malware-d4ef24d8eb731fb6.json b/osv/malicious/npm/testsdsdsdsd/MAL-0000-ghsa-malware-d4ef24d8eb731fb6.json new file mode 100644 index 0000000000..57ba60d510 --- /dev/null +++ b/osv/malicious/npm/testsdsdsdsd/MAL-0000-ghsa-malware-d4ef24d8eb731fb6.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:44:04Z", + "published": "2024-11-25T23:44:04Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-mxfj-7pmm-5vf6" + ], + "summary": "Malware in testsdsdsdsd", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "testsdsdsdsd" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-mxfj-7pmm-5vf6" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-mxfj-7pmm-5vf6" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "d4ef24d8eb731fb63ac4a76ef125521dc57b34c6b5d512ca48dbfb0460737d0f", + "import_time": "2024-11-26T00:34:04.469255765Z", + "id": "GHSA-mxfj-7pmm-5vf6", + "modified_time": "2024-11-25T23:44:04Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/tetherr/MAL-0000-ghsa-malware-0dd5e0fe6db1c839.json b/osv/malicious/npm/tetherr/MAL-0000-ghsa-malware-0dd5e0fe6db1c839.json new file mode 100644 index 0000000000..a846f7f731 --- /dev/null +++ b/osv/malicious/npm/tetherr/MAL-0000-ghsa-malware-0dd5e0fe6db1c839.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:49:57Z", + "published": "2024-11-25T23:49:56Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-mqmm-rmwq-w3rv" + ], + "summary": "Malware in tetherr", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "tetherr" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-mqmm-rmwq-w3rv" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-mqmm-rmwq-w3rv" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "0dd5e0fe6db1c8397fd9456015cdf14d4ef9f338816dc771cfd8ec9e013fb889", + "import_time": "2024-11-26T00:34:04.467559895Z", + "id": "GHSA-mqmm-rmwq-w3rv", + "modified_time": "2024-11-25T23:49:57Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/tetther/MAL-0000-ghsa-malware-b0fe50db74634f51.json b/osv/malicious/npm/tetther/MAL-0000-ghsa-malware-b0fe50db74634f51.json new file mode 100644 index 0000000000..4745ee208a --- /dev/null +++ b/osv/malicious/npm/tetther/MAL-0000-ghsa-malware-b0fe50db74634f51.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:51:07Z", + "published": "2024-11-25T23:51:07Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-wxf5-rwjw-43m8" + ], + "summary": "Malware in tetther", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "tetther" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-wxf5-rwjw-43m8" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-wxf5-rwjw-43m8" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "b0fe50db74634f51e1891c210282fbddafd5232a78124822bc40007cc286a7dd", + "import_time": "2024-11-26T00:34:04.481643647Z", + "id": "GHSA-wxf5-rwjw-43m8", + "modified_time": "2024-11-25T23:51:07Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/thre-js/MAL-0000-ghsa-malware-c4823222bd132c06.json b/osv/malicious/npm/thre-js/MAL-0000-ghsa-malware-c4823222bd132c06.json new file mode 100644 index 0000000000..ed9052bcf7 --- /dev/null +++ b/osv/malicious/npm/thre-js/MAL-0000-ghsa-malware-c4823222bd132c06.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T23:51:42Z", + "published": "2024-11-25T23:51:42Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-9829-p2xm-888g" + ], + "summary": "Malware in thre-js", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "thre-js" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-9829-p2xm-888g" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-9829-p2xm-888g" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "c4823222bd132c06ad184ec3e59942da59e35bf3ea088248a65305f89c0f1716", + "import_time": "2024-11-26T00:34:04.460883227Z", + "id": "GHSA-9829-p2xm-888g", + "modified_time": "2024-11-25T23:51:42Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/web-bz/MAL-0000-ghsa-malware-0be6c98e8623bffb.json b/osv/malicious/npm/web-bz/MAL-0000-ghsa-malware-0be6c98e8623bffb.json new file mode 100644 index 0000000000..740ce02643 --- /dev/null +++ b/osv/malicious/npm/web-bz/MAL-0000-ghsa-malware-0be6c98e8623bffb.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T02:05:55Z", + "published": "2024-11-25T02:05:54Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-wxc3-pw67-xph3" + ], + "summary": "Malware in web-bz", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "web-bz" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-wxc3-pw67-xph3" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-wxc3-pw67-xph3" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "0be6c98e8623bffb583f6b3c059c4b8a367a11e9294e1d13c168cd7d2f10552f", + "import_time": "2024-11-26T00:34:04.48063083Z", + "id": "GHSA-wxc3-pw67-xph3", + "modified_time": "2024-11-25T02:05:55Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +} diff --git a/osv/malicious/npm/web3bz/MAL-0000-ghsa-malware-fb56e7431dc7049a.json b/osv/malicious/npm/web3bz/MAL-0000-ghsa-malware-fb56e7431dc7049a.json new file mode 100644 index 0000000000..cccd096b87 --- /dev/null +++ b/osv/malicious/npm/web3bz/MAL-0000-ghsa-malware-fb56e7431dc7049a.json @@ -0,0 +1,66 @@ +{ + "modified": "2024-11-25T02:07:06Z", + "published": "2024-11-25T02:07:06Z", + "schema_version": "1.5.0", + "id": "", + "aliases": [ + "GHSA-qm8x-h7gq-wgpg" + ], + "summary": "Malware in web3bz", + "details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "web3bz" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ], + "database_specific": { + "cwes": [ + { + "cweId": "CWE-506", + "description": "The product contains code that appears to be malicious in nature.", + "name": "Embedded Malicious Code" + } + ], + "ghsa": "https://github.com/advisories/GHSA-qm8x-h7gq-wgpg" + } + } + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-qm8x-h7gq-wgpg" + } + ], + "database_specific": { + "malicious-packages-origins": [ + { + "source": "ghsa-malware", + "sha256": "fb56e7431dc7049a19b5bed49044537ebd1157862a07e796bba3f4978f6c2c73", + "import_time": "2024-11-26T00:34:04.471369386Z", + "id": "GHSA-qm8x-h7gq-wgpg", + "modified_time": "2024-11-25T02:07:06Z", + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ] + } +}