{"id":"MAL-2024-1387","summary":"Malicious code in sanar-website-v3 (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (5343e64c2316fbb0e3c6256f74b5b0da7993903262ed71f836a93f2e929ced78)\nThe OpenSSF Package Analysis project identified 'sanar-website-v3' @ 1.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2024-08-09T23:34:29Z","published":"2024-05-28T02:04:04Z","database_specific":{"malicious-packages-origins":[{"versions":["1.0.0"],"source":"ossf-package-analysis","sha256":"5343e64c2316fbb0e3c6256f74b5b0da7993903262ed71f836a93f2e929ced78","import_time":"2024-05-28T02:16:07.639026087Z","modified_time":"2024-05-28T02:04:04Z"},{"versions":["4.0.0"],"source":"ossf-package-analysis","sha256":"b4e562665651334a7420758d8ab817dd8cd233f0d82017802a55f417ee5207bd","import_time":"2024-06-05T11:34:03.957095153Z","modified_time":"2024-06-05T11:28:42Z"},{"versions":["6.0.1"],"source":"ossf-package-analysis","sha256":"645f4b82ce36e0a8d176c34507038b41910965cca0dff633b70283849f1e791a","import_time":"2024-08-09T23:33:57.594621603Z","modified_time":"2024-08-09T23:13:40Z"}]},"affected":[{"package":{"name":"sanar-website-v3","ecosystem":"npm","purl":"pkg:npm/sanar-website-v3"},"versions":["1.0.0","4.0.0","6.0.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/sanar-website-v3/MAL-2024-1387.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}