{"id":"MAL-2024-3839","summary":"Malicious code in @expue/vue-renderer (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","aliases":["SNYK-JS-EXPUEVUERENDERER-5920717"],"modified":"2024-10-24T01:01:55Z","published":"2024-06-25T12:19:42Z","database_specific":{"malicious-packages-origins":[{"import_time":"2024-06-28T02:41:20.827265474Z","versions":["0.0.3-alpha.0"],"source":"reversing-labs","id":"RLMA-2024-00068","sha256":"26c0ecd2726fddafdd922452b0d71a88916ba7df7322cee8f5717e5ebbd6b343","modified_time":"2024-06-25T12:19:42Z"},{"import_time":"2024-10-24T00:49:16.312522505Z","versions":["0.0.3-alpha.0"],"source":"reversing-labs","id":"RLMA-2024-00068","sha256":"788869ba0ce8008be5e9f2ec4d655e691973caadc188bc25affc4e202d15af06","modified_time":"2024-06-25T12:19:42Z"},{"import_time":"2024-10-24T00:57:17.999212101Z","source":"reversing-labs","id":"RLUA-2024-05918","sha256":"898a99ce1ec3b5e065e068000ef493edf1e5892e5820177ed74b38f2021610a5","modified_time":"2024-10-16T12:22:01Z"}]},"references":[{"type":"ARTICLE","url":"https://blog.phylum.io/sensitive-data-exfiltration-campaign-targets-npm-and-pypi/"},{"type":"ADVISORY","url":"https://security.snyk.io/vuln/SNYK-JS-EXPUEVUERENDERER-5920717"}],"affected":[{"package":{"name":"@expue/vue-renderer","ecosystem":"npm","purl":"pkg:npm/%40expue/vue-renderer"},"versions":["0.0.3-alpha.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@expue/vue-renderer/MAL-2024-3839.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}