{"id":"MAL-2024-9439","summary":"Malicious code in @ttspc/open_center_qf_detail (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (a15a1727f1b14f403e9cffda24e402c7d16d8088d26e3bb7377d2d81ab791a52)\nThe OpenSSF Package Analysis project identified '@ttspc/open_center_qf_detail' @ 100.100.102 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2024-10-22T12:09:01Z","published":"2024-10-19T21:14:49Z","database_specific":{"malicious-packages-origins":[{"source":"ossf-package-analysis","import_time":"2024-10-19T21:33:50.701225181Z","modified_time":"2024-10-19T21:14:49Z","sha256":"a15a1727f1b14f403e9cffda24e402c7d16d8088d26e3bb7377d2d81ab791a52","versions":["100.100.102"]},{"source":"ossf-package-analysis","import_time":"2024-10-22T12:08:36.919377502Z","modified_time":"2024-10-22T11:40:33Z","sha256":"af94c1881a6fc43b5637ba7a8f4755443c996c194b3b4d73f26d1b711f10934a","versions":["100.100.104"]}]},"affected":[{"package":{"name":"@ttspc/open_center_qf_detail","ecosystem":"npm","purl":"pkg:npm/%40ttspc/open_center_qf_detail"},"versions":["100.100.102","100.100.104"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@ttspc/open_center_qf_detail/MAL-2024-9439.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}