{"id":"MAL-2023-1305","summary":"Malicious code in stateful-fastclick (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (5a06e5b71a04fa67ca20937e8e438c638644db87d181799a046d22c568e6c4c5)\nThe OpenSSF Package Analysis project identified 'stateful-fastclick' @ 1.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n- The package communicates with a domain associated with malicious activity.\n","aliases":["SNYK-JS-STATEFULFASTCLICK-3336024"],"modified":"2024-06-28T03:14:01.721840Z","published":"2023-05-01T14:11:34Z","database_specific":{"malicious-packages-origins":[{"source":"ossf-package-analysis","import_time":"2023-08-10T06:15:29.671406644Z","versions":["1.0.0"],"sha256":"5a06e5b71a04fa67ca20937e8e438c638644db87d181799a046d22c568e6c4c5","modified_time":"2023-05-01T14:11:34.868944925Z"},{"source":"reversing-labs","import_time":"2024-06-28T02:44:49.148459248Z","versions":["1.0.0"],"sha256":"e971e5df3209e798070a85f072f6268ab3dd9c912b2d87edc16c0ba49efccd20","id":"RLMA-2024-01789","modified_time":"2024-06-25T13:02:04Z"}]},"references":[{"type":"ADVISORY","url":"https://security.snyk.io/vuln/SNYK-JS-STATEFULFASTCLICK-3336024"}],"affected":[{"package":{"name":"stateful-fastclick","ecosystem":"npm","purl":"pkg:npm/stateful-fastclick"},"versions":["1.0.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/stateful-fastclick/MAL-2023-1305.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}