Skip to content

Commit

Permalink
Assign IDs
Browse files Browse the repository at this point in the history
  • Loading branch information
github-actions committed Nov 23, 2024
1 parent b28bf3a commit afcc8f9
Show file tree
Hide file tree
Showing 7 changed files with 25 additions and 25 deletions.
2 changes: 1 addition & 1 deletion osv/malicious/.id-allocator
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
d76fe3a55c7b30755eaf7208188f29bf53faa369ae62a19a46172884932b9170
83c04cc2699245340cdb48e0339c1c291e26ed3cf887e139cdda4c2a502f97a3
8 changes: 4 additions & 4 deletions ...sf-package-analysis-a84ece988632f5b1.json → ...ous/npm/@framgia/test/MAL-2024-10885.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
"modified": "2024-11-23T01:27:39Z",
"published": "2024-11-23T01:27:39Z",
"schema_version": "1.5.0",
"id": "",
"id": "MAL-2024-10885",
"summary": "Malicious code in @framgia/test (npm)",
"details": "The OpenSSF Package Analysis project identified '@framgia/test' @ 9.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n",
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (a84ece988632f5b1341c70168c0e8ca664277c904e9aae19d1541c7f7e2df3c8)\nThe OpenSSF Package Analysis project identified '@framgia/test' @ 9.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n",
"affected": [
{
"package": {
Expand All @@ -29,10 +29,10 @@
"database_specific": {
"malicious-packages-origins": [
{
"source": "ossf-package-analysis",
"sha256": "a84ece988632f5b1341c70168c0e8ca664277c904e9aae19d1541c7f7e2df3c8",
"import_time": "2024-11-23T01:32:40.616689174Z",
"modified_time": "2024-11-23T01:27:39Z",
"sha256": "a84ece988632f5b1341c70168c0e8ca664277c904e9aae19d1541c7f7e2df3c8",
"source": "ossf-package-analysis",
"versions": [
"9.0.0"
]
Expand Down
8 changes: 4 additions & 4 deletions ...sf-package-analysis-72ede61dd92f3fa7.json → ...s/npm/web-chat-portal/MAL-2024-10886.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
"modified": "2024-11-22T01:18:33Z",
"published": "2024-11-22T01:18:33Z",
"schema_version": "1.5.0",
"id": "",
"id": "MAL-2024-10886",
"summary": "Malicious code in web-chat-portal (npm)",
"details": "The OpenSSF Package Analysis project identified 'web-chat-portal' @ 9.1.8 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (72ede61dd92f3fa7af9b36bb4dfddf045e80bec072b61960d57bf2c428678dd8)\nThe OpenSSF Package Analysis project identified 'web-chat-portal' @ 9.1.8 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"affected": [
{
"package": {
Expand All @@ -29,10 +29,10 @@
"database_specific": {
"malicious-packages-origins": [
{
"source": "ossf-package-analysis",
"sha256": "72ede61dd92f3fa7af9b36bb4dfddf045e80bec072b61960d57bf2c428678dd8",
"import_time": "2024-11-23T01:32:40.7269502Z",
"modified_time": "2024-11-22T01:18:33Z",
"sha256": "72ede61dd92f3fa7af9b36bb4dfddf045e80bec072b61960d57bf2c428678dd8",
"source": "ossf-package-analysis",
"versions": [
"9.1.8"
]
Expand Down
8 changes: 4 additions & 4 deletions ...sf-package-analysis-b937e00679440a6a.json → ...eb_enhance_sap-latest/MAL-2024-10887.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
"modified": "2024-11-22T01:35:47Z",
"published": "2024-11-22T01:35:47Z",
"schema_version": "1.5.0",
"id": "",
"id": "MAL-2024-10887",
"summary": "Malicious code in web_enhance_sap-latest (npm)",
"details": "The OpenSSF Package Analysis project identified 'web_enhance_sap-latest' @ 6.5.9 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (b937e00679440a6af4ba38c5214cc8b3038cfc821bd886c2a13c4432fd518c8d)\nThe OpenSSF Package Analysis project identified 'web_enhance_sap-latest' @ 6.5.9 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"affected": [
{
"package": {
Expand All @@ -29,10 +29,10 @@
"database_specific": {
"malicious-packages-origins": [
{
"source": "ossf-package-analysis",
"sha256": "b937e00679440a6af4ba38c5214cc8b3038cfc821bd886c2a13c4432fd518c8d",
"import_time": "2024-11-23T01:32:40.821781454Z",
"modified_time": "2024-11-22T01:35:47Z",
"sha256": "b937e00679440a6af4ba38c5214cc8b3038cfc821bd886c2a13c4432fd518c8d",
"source": "ossf-package-analysis",
"versions": [
"6.5.9"
]
Expand Down
8 changes: 4 additions & 4 deletions ...sf-package-analysis-b978023e5a3944c4.json → ...-insert-sentry-plugin/MAL-2024-10888.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
"modified": "2024-11-22T05:40:51Z",
"published": "2024-11-22T05:40:51Z",
"schema_version": "1.5.0",
"id": "",
"id": "MAL-2024-10888",
"summary": "Malicious code in webpack-insert-sentry-plugin (npm)",
"details": "The OpenSSF Package Analysis project identified 'webpack-insert-sentry-plugin' @ 7.5.6 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (b978023e5a3944c4aa407854a5bfa48809044c5ab82e1d448534585ffe8e7780)\nThe OpenSSF Package Analysis project identified 'webpack-insert-sentry-plugin' @ 7.5.6 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"affected": [
{
"package": {
Expand All @@ -29,10 +29,10 @@
"database_specific": {
"malicious-packages-origins": [
{
"source": "ossf-package-analysis",
"sha256": "b978023e5a3944c4aa407854a5bfa48809044c5ab82e1d448534585ffe8e7780",
"import_time": "2024-11-23T01:32:40.928589081Z",
"modified_time": "2024-11-22T05:40:51Z",
"sha256": "b978023e5a3944c4aa407854a5bfa48809044c5ab82e1d448534585ffe8e7780",
"source": "ossf-package-analysis",
"versions": [
"7.5.6"
]
Expand Down
8 changes: 4 additions & 4 deletions ...sf-package-analysis-51d2d55342e62449.json → ...t-multi-domain-plugin/MAL-2024-10889.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
"modified": "2024-11-22T06:09:16Z",
"published": "2024-11-22T06:09:16Z",
"schema_version": "1.5.0",
"id": "",
"id": "MAL-2024-10889",
"summary": "Malicious code in webpack-support-multi-domain-plugin (npm)",
"details": "The OpenSSF Package Analysis project identified 'webpack-support-multi-domain-plugin' @ 8.4.10 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (51d2d55342e62449162a0d8f5e4decfefa0234cf03af272587335d3512654f93)\nThe OpenSSF Package Analysis project identified 'webpack-support-multi-domain-plugin' @ 8.4.10 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"affected": [
{
"package": {
Expand All @@ -29,10 +29,10 @@
"database_specific": {
"malicious-packages-origins": [
{
"source": "ossf-package-analysis",
"sha256": "51d2d55342e62449162a0d8f5e4decfefa0234cf03af272587335d3512654f93",
"import_time": "2024-11-23T01:32:41.021306584Z",
"modified_time": "2024-11-22T06:09:16Z",
"sha256": "51d2d55342e62449162a0d8f5e4decfefa0234cf03af272587335d3512654f93",
"source": "ossf-package-analysis",
"versions": [
"8.4.10"
]
Expand Down
8 changes: 4 additions & 4 deletions ...sf-package-analysis-1074de87df65ed67.json → ...ack-svg-spirit-import/MAL-2024-10890.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
"modified": "2024-11-22T06:39:25Z",
"published": "2024-11-22T06:39:25Z",
"schema_version": "1.5.0",
"id": "",
"id": "MAL-2024-10890",
"summary": "Malicious code in webpack-svg-spirit-import (npm)",
"details": "The OpenSSF Package Analysis project identified 'webpack-svg-spirit-import' @ 10.3.4 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (1074de87df65ed674a1cd3619edb96563b2e9922f6967dd57a008046f4739b46)\nThe OpenSSF Package Analysis project identified 'webpack-svg-spirit-import' @ 10.3.4 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n",
"affected": [
{
"package": {
Expand All @@ -29,10 +29,10 @@
"database_specific": {
"malicious-packages-origins": [
{
"source": "ossf-package-analysis",
"sha256": "1074de87df65ed674a1cd3619edb96563b2e9922f6967dd57a008046f4739b46",
"import_time": "2024-11-23T01:32:41.099131799Z",
"modified_time": "2024-11-22T06:39:25Z",
"sha256": "1074de87df65ed674a1cd3619edb96563b2e9922f6967dd57a008046f4739b46",
"source": "ossf-package-analysis",
"versions": [
"10.3.4"
]
Expand Down

0 comments on commit afcc8f9

Please sign in to comment.