{"id":"MAL-2025-2552","summary":"Malicious code in io.github.leetcrunch:scribejava-core (Maven)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: google-open-source-security (8dd884cda209e50c2bd5185172f3c25968cb972cbd19234779b43f4f855f2d26)\nA malicious Maven Java package typosquatting a legitimate OAuth Maven\npackage. The malicious package collects and exfiltrates OAuth credentials on\nthe 15th day of each month.\n","modified":"2025-03-20T00:30:11.616934Z","published":"2025-03-19T23:55:30Z","database_specific":{"malicious-packages-origins":[{"source":"google-open-source-security","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"sha256":"8dd884cda209e50c2bd5185172f3c25968cb972cbd19234779b43f4f855f2d26","import_time":"2025-03-20T00:02:04.794639Z","modified_time":"2025-03-19T23:55:30Z"}]},"references":[{"type":"ARTICLE","url":"https://socket.dev/blog/malicious-maven-package-exfiltrates-oauth-credentials"}],"affected":[{"package":{"name":"io.github.leetcrunch:scribejava-core","ecosystem":"Maven","purl":"pkg:maven/io.github.leetcrunch/scribejava-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["8.3.5"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/maven/io.github.leetcrunch:scribejava-core/MAL-2025-2552.json"}}],"schema_version":"1.7.3","credits":[{"name":"Socket","type":"FINDER"}]}