{"id":"MAL-2023-1338","summary":"Malicious code in vote-chatbot (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (19c7207472bfc0beece07f85734b2c399c40fc27dd1cfac03ca92492bbbc7cad)\nThe OpenSSF Package Analysis project identified 'vote-chatbot' @ 47.47.48 (npm) as malicious.\n\nIt is considered malicious because:\n- The package communicates with a domain associated with malicious activity.\n","modified":"2023-07-03T19:15:40Z","published":"2023-07-03T19:15:40Z","database_specific":{"malicious-packages-origins":[{"versions":["47.47.48"],"source":"ossf-package-analysis","sha256":"19c7207472bfc0beece07f85734b2c399c40fc27dd1cfac03ca92492bbbc7cad","modified_time":"2023-07-03T19:15:40.036782153Z","import_time":"2023-08-10T06:16:27.139504159Z"}]},"affected":[{"package":{"name":"vote-chatbot","ecosystem":"npm","purl":"pkg:npm/vote-chatbot"},"versions":["47.47.48"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/vote-chatbot/MAL-2023-1338.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}