{"id":"MAL-2024-1184","summary":"Malicious code in wm-search-deployables (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (75117d2388716c2ebc07fc5320bc6b6d5130dc106da865682566ea803272aa8d)\nThe OpenSSF Package Analysis project identified 'wm-search-deployables' @ 99.3.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2024-04-02T23:05:32Z","published":"2024-03-29T14:05:53Z","database_specific":{"malicious-packages-origins":[{"source":"ossf-package-analysis","import_time":"2024-04-02T23:05:11.372523699Z","modified_time":"2024-03-30T02:00:36Z","sha256":"75117d2388716c2ebc07fc5320bc6b6d5130dc106da865682566ea803272aa8d","versions":["99.3.0"]},{"source":"ossf-package-analysis","import_time":"2024-04-02T23:05:11.281436316Z","modified_time":"2024-03-29T14:05:53Z","sha256":"ab34cc0834ee4962eaf947f1e05e551dcb989c4aca65ec74d147a7db3cd59833","versions":["99.2.0"]}]},"affected":[{"package":{"name":"wm-search-deployables","ecosystem":"npm","purl":"pkg:npm/wm-search-deployables"},"versions":["99.3.0","99.2.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/wm-search-deployables/MAL-2024-1184.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}