{"id":"MAL-2024-3983","summary":"Malicious code in yinhai-ta3 (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","aliases":["SNYK-JS-YINHAITA3-6044716"],"modified":"2024-10-24T01:01:57Z","published":"2024-06-25T13:22:40Z","database_specific":{"malicious-packages-origins":[{"import_time":"2024-06-28T02:46:42.593590745Z","id":"RLMA-2024-02758","modified_time":"2024-06-25T13:22:40Z","versions":["6.0.6","6.0.2","6.0.3","3.0.2"],"sha256":"18c15211b01bceec73e8dc143ac2d83023aefd61a5720067f9b2fa1fc4b22cb4","source":"reversing-labs"},{"import_time":"2024-10-24T00:58:34.789455969Z","id":"RLUA-2024-07614","modified_time":"2024-10-16T13:46:49Z","sha256":"9ec7e6284fc1b3c99e1cc7342ef285e2e8a677ffd9e2ea5ece6a796679d84696","source":"reversing-labs"}]},"references":[{"type":"ARTICLE","url":"https://blog.phylum.io/dozens-of-npm-packages-caught-attempting-to-deploy-reverse-shell/"},{"type":"ADVISORY","url":"https://security.snyk.io/vuln/SNYK-JS-YINHAITA3-6044716"}],"affected":[{"package":{"name":"yinhai-ta3","ecosystem":"npm","purl":"pkg:npm/yinhai-ta3"},"versions":["6.0.6","6.0.2","6.0.3","3.0.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/yinhai-ta3/MAL-2024-3983.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}