Assign IDs

osv/malicious/npm/starter-assets-sass/MAL-2024-3054.json

@@ -1,10 +1,10 @@
 {
-  "modified": "2024-11-07T10:06:34Z",
+  "modified": "2024-11-16T18:06:29Z",
   "published": "2024-06-25T13:02:01Z",
   "schema_version": "1.5.0",
   "id": "MAL-2024-3054",
   "summary": "Malicious code in starter-assets-sass (npm)",
-  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (6be62790e6633e278041e75dffdad5b5e0da87202c3c8eda1c4cb047277c732b)\nThe OpenSSF Package Analysis project identified 'starter-assets-sass' @ 9.9.9 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (01c3efc3a2ed492ef5b1577e4c8f6ba09fb8d29075242acdf4d356946815b531)\nThe OpenSSF Package Analysis project identified 'starter-assets-sass' @ 9.9.11 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n",
   "affected": [
     {
       "package": {
@@ -14,7 +14,8 @@
       },
       "versions": [
         "1.0.0",
-        "9.9.9"
+        "9.9.9",
+        "9.9.11"
       ]
     }
   ],
@@ -62,6 +63,15 @@
         "versions": [
           "9.9.9"
         ]
+      },
+      {
+        "source": "ossf-package-analysis",
+        "sha256": "01c3efc3a2ed492ef5b1577e4c8f6ba09fb8d29075242acdf4d356946815b531",
+        "import_time": "2024-11-16T18:06:01.662802333Z",
+        "modified_time": "2024-11-16T17:51:28Z",
+        "versions": [
+          "9.9.11"
+        ]
       }
     ]
   }

osv/malicious/npm/techtrans/MAL-2024-3089.json

@@ -1,10 +1,10 @@
 {
-  "modified": "2024-11-07T10:37:25Z",
+  "modified": "2024-11-16T18:06:29Z",
   "published": "2024-06-25T13:03:04Z",
   "schema_version": "1.5.0",
   "id": "MAL-2024-3089",
   "summary": "Malicious code in techtrans (npm)",
-  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (a1f475ce121a1aa219038bfecbb87524004300538484d6330aaa6a30885dddcf)\nThe OpenSSF Package Analysis project identified 'techtrans' @ 9.9.9 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (d6d050bc55742f1a2e1eabed468c4ef1708452710d69a1dd8e71daa371368dc5)\nThe OpenSSF Package Analysis project identified 'techtrans' @ 9.9.10 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n",
   "affected": [
     {
       "package": {
@@ -14,7 +14,8 @@
       },
       "versions": [
         "1.0.0",
-        "9.9.9"
+        "9.9.9",
+        "9.9.10"
       ]
     }
   ],
@@ -62,6 +63,15 @@
         "versions": [
           "9.9.9"
         ]
+      },
+      {
+        "source": "ossf-package-analysis",
+        "sha256": "d6d050bc55742f1a2e1eabed468c4ef1708452710d69a1dd8e71daa371368dc5",
+        "import_time": "2024-11-16T18:06:01.784452055Z",
+        "modified_time": "2024-11-16T17:53:26Z",
+        "versions": [
+          "9.9.10"
+        ]
       }
     ]
   }