{"id":"MAL-2024-1988","summary":"Malicious code in @expue/cli (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","aliases":["SNYK-JS-EXPUECLI-5920720"],"modified":"2024-10-24T01:01:55Z","published":"2024-06-25T12:19:35Z","database_specific":{"malicious-packages-origins":[{"import_time":"2024-06-28T02:41:20.100891023Z","versions":["0.0.3-alpha.0"],"sha256":"8eb2d74c2ae8c1643a730190805740c37d3bb64882c12b4257081a0213d9d96b","source":"reversing-labs","modified_time":"2024-06-25T12:19:35Z","id":"RLMA-2024-00062"},{"import_time":"2024-10-24T00:57:17.601132779Z","sha256":"8ee9307ca804510d76d34c647b11c25dcfdb30999682cf2546e374f447ec345e","source":"reversing-labs","modified_time":"2024-10-16T12:21:51Z","id":"RLUA-2024-05912"},{"import_time":"2024-10-24T00:49:15.880418012Z","versions":["0.0.3-alpha.0"],"sha256":"e137c4603a63b2792b88a9ae32f79212ff666a3c1ccb9a66b58396aa8ede02e5","source":"reversing-labs","modified_time":"2024-06-25T12:19:35Z","id":"RLMA-2024-00062"}]},"references":[{"type":"ARTICLE","url":"https://blog.phylum.io/sensitive-data-exfiltration-campaign-targets-npm-and-pypi/"},{"type":"ADVISORY","url":"https://security.snyk.io/vuln/SNYK-JS-EXPUECLI-5920720"}],"affected":[{"package":{"name":"@expue/cli","ecosystem":"npm","purl":"pkg:npm/%40expue/cli"},"versions":["0.0.3-alpha.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@expue/cli/MAL-2024-1988.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}