Skip to content

Commit ef84b7c

Browse files
author
github-actions
committed
Assign IDs
1 parent 7b31616 commit ef84b7c

File tree

2 files changed

+8
-9
lines changed

2 files changed

+8
-9
lines changed

osv/malicious/.id-allocator

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
e93cd734d090b452ba04e4362f5667124491d1eecfe7ad47cec5720dd9c64dc2
1+
25ad65c35d82c748bc07f1fefb28337270cdd9d37208688ee89fa35410a6c401

osv/malicious/npm/@pypestream/floating-ui-dom/MAL-0000-ghsa-malware-4707deb04498cce7.json renamed to osv/malicious/npm/@pypestream/floating-ui-dom/MAL-2026-2030.json

Lines changed: 7 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,12 @@
22
"modified": "2026-03-22T17:11:18Z",
33
"published": "2026-03-22T17:11:18Z",
44
"schema_version": "1.7.4",
5-
"id": "",
5+
"id": "MAL-2026-2030",
66
"aliases": [
77
"GHSA-5h9j-3cr5-f9xj"
88
],
9-
"summary": "Malware in @pypestream/floating-ui-dom",
10-
"details": "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.",
9+
"summary": "Malicious code in @pypestream/floating-ui-dom (npm)",
10+
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (4707deb04498cce7bf16b61d141bc29a85f4fbadbadd75fdc3b78fdac6eb8f74)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n",
1111
"affected": [
1212
{
1313
"package": {
@@ -24,8 +24,7 @@
2424
"description": "The product contains code that appears to be malicious in nature.",
2525
"name": "Embedded Malicious Code"
2626
}
27-
],
28-
"ghsa": "https://github.com/advisories/GHSA-5h9j-3cr5-f9xj"
27+
]
2928
}
3029
}
3130
],
@@ -38,11 +37,11 @@
3837
"database_specific": {
3938
"malicious-packages-origins": [
4039
{
41-
"source": "ghsa-malware",
42-
"sha256": "4707deb04498cce7bf16b61d141bc29a85f4fbadbadd75fdc3b78fdac6eb8f74",
43-
"import_time": "2026-03-22T17:23:56.008160142Z",
4440
"id": "GHSA-5h9j-3cr5-f9xj",
41+
"import_time": "2026-03-22T17:23:56.008160142Z",
4542
"modified_time": "2026-03-22T17:11:18Z",
43+
"sha256": "4707deb04498cce7bf16b61d141bc29a85f4fbadbadd75fdc3b78fdac6eb8f74",
44+
"source": "ghsa-malware",
4645
"versions": [
4746
"2.15.1"
4847
]

0 commit comments

Comments
 (0)