{"id":"MAL-2023-8775","summary":"Malicious code in ngx-ndbx (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (b85b4ba8a7146a1450ff0a1cc8b119bda90a838d67b93d8ad4f080551bfe002e)\nThe OpenSSF Package Analysis project identified 'ngx-ndbx' @ 18.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2023-12-31T04:34:10Z","published":"2023-12-31T03:12:00Z","database_specific":{"malicious-packages-origins":[{"versions":["1.0.0"],"modified_time":"2023-12-31T03:12:00Z","import_time":"2023-12-31T03:33:50.191471025Z","source":"ossf-package-analysis","sha256":"69327ffe5f569210e2a99438109d60188c4d70def3c3d203def4d49c2ea68144"},{"versions":["18.0.0"],"modified_time":"2023-12-31T04:19:30Z","import_time":"2023-12-31T04:33:55.570061712Z","source":"ossf-package-analysis","sha256":"b85b4ba8a7146a1450ff0a1cc8b119bda90a838d67b93d8ad4f080551bfe002e"}]},"affected":[{"package":{"name":"ngx-ndbx","ecosystem":"npm","purl":"pkg:npm/ngx-ndbx"},"versions":["1.0.0","18.0.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ngx-ndbx/MAL-2023-8775.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}