{"id":"MAL-2023-1190","summary":"Malicious code in gql2ts-from-schema (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (7a1acee750c796d45e602f027ea638a05590a78bb142aca903bfb2bb169466a6)\nThe OpenSSF Package Analysis project identified 'gql2ts-from-schema' @ 2.1.1 (npm) as malicious.\n\nIt is considered malicious because:\n- The package communicates with a domain associated with malicious activity.\n","modified":"2024-06-28T02:53:16Z","published":"2023-05-11T06:04:38Z","database_specific":{"malicious-packages-origins":[{"versions":["2.1.1"],"modified_time":"2023-05-11T06:04:38.121713302Z","import_time":"2023-08-10T06:15:49.808831434Z","sha256":"7a1acee750c796d45e602f027ea638a05590a78bb142aca903bfb2bb169466a6","source":"ossf-package-analysis"},{"versions":["2.1.1"],"modified_time":"2024-06-25T12:44:37Z","import_time":"2024-06-28T02:43:24.456055612Z","sha256":"1a00b9322bd5ce7e05d22cd2e755e72d0c43e5d3ae994055142c5b385f56b481","source":"reversing-labs","id":"RLMA-2024-01094"}]},"affected":[{"package":{"name":"gql2ts-from-schema","ecosystem":"npm","purl":"pkg:npm/gql2ts-from-schema"},"versions":["2.1.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/gql2ts-from-schema/MAL-2023-1190.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}