{"id":"MAL-2023-1160","summary":"Malicious code in docs-component-title (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (1e4e933240e0533957a39c9132a6925469e069081320949dc198545fd1080a49)\nThe OpenSSF Package Analysis project identified 'docs-component-title' @ 1.2.2 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2023-08-29T12:41:55Z","published":"2023-05-18T15:27:18Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2023-05-18T15:27:18.985624576Z","versions":["1.1.0"],"source":"ossf-package-analysis","sha256":"bba6744a0120434b3347dbaa316673bf38f5a7b3961dea4ea08e9ae8a4b228f4","import_time":"2023-08-10T06:15:59.365165956Z"},{"modified_time":"2023-08-29T12:24:26Z","versions":["1.2.2"],"source":"ossf-package-analysis","sha256":"1e4e933240e0533957a39c9132a6925469e069081320949dc198545fd1080a49","import_time":"2023-08-29T12:41:39.231425732Z"}]},"affected":[{"package":{"name":"docs-component-title","ecosystem":"npm","purl":"pkg:npm/docs-component-title"},"versions":["1.1.0","1.2.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/docs-component-title/MAL-2023-1160.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}