VDB
EN

MAL-2026-10734

Malicious code in infrastructure-common (npm)

상세

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (d64169ae87d8d9eaad199be028a70610f025f61e0c947838c05c24a1dd4d5578) package.json declares a preinstall lifecycle script that runs `node -e` to issue an HTTP GET to a Burp Collaborator subdomain at w635fyvrqkfmh9wc9uw8444cp3vujl7a.oastify.com when `npm install` runs. The callback confirms code execution on the installer's host and leaks the installer's public IP and DNS resolver to a third-party listener. The package name `infrastructure-common` combined with an implausibly high `99.9.9` version is the canonical dependency-confusion shape, in which a public package is registered to shadow an internal name at install-time resolution.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / infrastructure-common

No fixed version published yet for infrastructure-common (npm). Pin to a known-safe version or switch to an alternative.

참고