{"id":"MAL-2024-9103","summary":"Malicious code in @fdp-tools/artifactory (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (7d1bc272c51a6ad1997aaaa84623c7746d308a5e53386e01c6845e1b849c7ffa)\nThe OpenSSF Package Analysis project identified '@fdp-tools/artifactory' @ 0.0.10 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2024-10-08T08:30:43Z","published":"2024-10-08T08:30:43Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2024-10-08T08:30:43Z","source":"ossf-package-analysis","import_time":"2024-10-08T08:38:15.268283201Z","sha256":"7d1bc272c51a6ad1997aaaa84623c7746d308a5e53386e01c6845e1b849c7ffa","versions":["0.0.10"]}]},"affected":[{"package":{"name":"@fdp-tools/artifactory","ecosystem":"npm","purl":"pkg:npm/%40fdp-tools/artifactory"},"versions":["0.0.10"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@fdp-tools/artifactory/MAL-2024-9103.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}