{"id":"MAL-2024-7746","summary":"Malicious code in inline-icons (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (f9b4dc3b900cda7b3ddba48442ae448f1af310a11854f024134f391baafb62d8)\nThe OpenSSF Package Analysis project identified 'inline-icons' @ 70.69.69 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2024-10-24T01:01:56Z","published":"2024-07-15T19:41:23Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2024-07-15T19:41:23Z","versions":["70.69.69"],"source":"ossf-package-analysis","import_time":"2024-07-15T20:05:14.721874546Z","sha256":"f9b4dc3b900cda7b3ddba48442ae448f1af310a11854f024134f391baafb62d8"},{"modified_time":"2024-07-23T13:38:58Z","versions":["71.69.69"],"source":"ossf-package-analysis","import_time":"2024-07-23T14:04:51.866546514Z","sha256":"73337237768310ac85c3743769a2fd04c56b5a75919cdbec7151b629174ddd2b"},{"modified_time":"2024-10-16T12:58:24Z","versions":["69.69.70","71.69.69","72.69.69"],"id":"RLMA-2024-06738","import_time":"2024-10-24T00:56:27.652232955Z","sha256":"de9a3ffb93222a658ea5a56b537851e803537179197abd6bb237bca0064e0c7d","source":"reversing-labs"}]},"affected":[{"package":{"name":"inline-icons","ecosystem":"npm","purl":"pkg:npm/inline-icons"},"versions":["70.69.69","71.69.69","69.69.70","72.69.69"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/inline-icons/MAL-2024-7746.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}