From f74e37173067bea177ca00cc48446916eb91337b Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:16:36 -0500
Subject: [PATCH 01/42] Add malicious package entry: ab-test-wordpress
Signed-off-by: Chi Tran
---
.../MAL-0000-ab-test-wordpress.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/ab-test-wordpress/MAL-0000-ab-test-wordpress.json
diff --git a/osv/malicious/npm/ab-test-wordpress/MAL-0000-ab-test-wordpress.json b/osv/malicious/npm/ab-test-wordpress/MAL-0000-ab-test-wordpress.json
new file mode 100644
index 0000000000..24c682993e
--- /dev/null
+++ b/osv/malicious/npm/ab-test-wordpress/MAL-0000-ab-test-wordpress.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:16:35.570Z",
+ "published": "2025-10-14T03:16:35.570Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in ab-test-wordpress package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "ab-test-wordpress"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.18.3"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From 56730bf68208c40a7dc27161ce557bc2f3bf0ef2 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:19:53 -0500
Subject: [PATCH 02/42] Add malicious package entry: ab-testing-for-wp
Signed-off-by: Chi Tran
---
.../MAL-0000-ab-testing-for-wp.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/ab-testing-for-wp/MAL-0000-ab-testing-for-wp.json
diff --git a/osv/malicious/npm/ab-testing-for-wp/MAL-0000-ab-testing-for-wp.json b/osv/malicious/npm/ab-testing-for-wp/MAL-0000-ab-testing-for-wp.json
new file mode 100644
index 0000000000..f51c1d9a37
--- /dev/null
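Review bot: The `contact` value `"actran@amazon.com"` in the new `credits` entry is a bare e-mail address, whereas the OSV schema describes each `credits[].contact[]` item as a fully qualified URL; it should be written `"mailto:actran@amazon.com"`. The same value appears in every record created by patches 02–13 and in the `credits` blocks that patches 14 and 15 add to existing records, so the change applies to all of them. Consumers that validate contacts as URIs may otherwise reject or drop the credit.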
+++ b/osv/malicious/npm/ab-testing-for-wp/MAL-0000-ab-testing-for-wp.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:19:52.888Z",
+ "published": "2025-10-14T03:19:52.888Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in ab-testing-for-wp package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "ab-testing-for-wp"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.18.3"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From 82f08c9146a339f0f20e0e21c927be3da7caaac4 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:20:12 -0500
Subject: [PATCH 03/42] Add malicious package entry: spot-electron-sdk
Signed-off-by: Chi Tran
---
.../MAL-0000-spot-electron-sdk.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/spot-electron-sdk/MAL-0000-spot-electron-sdk.json
diff --git a/osv/malicious/npm/spot-electron-sdk/MAL-0000-spot-electron-sdk.json b/osv/malicious/npm/spot-electron-sdk/MAL-0000-spot-electron-sdk.json
new file mode 100644
index 0000000000..f8d5b052b0
--- /dev/null
+++ b/osv/malicious/npm/spot-electron-sdk/MAL-0000-spot-electron-sdk.json
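Review bot: The `details` string names neither the domain the package contacts nor the file or lifecycle script that makes the request, and the record carries no `references`, so a consumer cannot confirm the finding or search their own DNS and proxy logs for the same indicator. Consider wording such as `"details": "The package contacts <observed-domain> from <file-or-lifecycle-script>."` (placeholders, to be filled in from the analysis), or add a `references` entry pointing at the evidence. The identical sentence is used in the records added by patches 01 and 03–13.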
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:20:12.628Z",
+ "published": "2025-10-14T03:20:12.628Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in spot-electron-sdk package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "spot-electron-sdk"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "2.0.5"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From d4e2d38ff42807d5f4b422b81757e8146f2b0d6b Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:28:15 -0500
Subject: [PATCH 04/42] Add malicious package entry: debug-mj-v3
Signed-off-by: Chi Tran
---
.../npm/debug-mj-v3/MAL-0000-debug-mj-v3.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json
diff --git a/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json b/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json
new file mode 100644
index 0000000000..f70c5e1b58
--- /dev/null
+++ b/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:28:14.363Z",
+ "published": "2025-10-14T03:28:14.363Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in debug-mj-v3 package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "debug-mj-v3"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.0.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From cd6351b886db9aa1e13d530162127121ed7fc59a Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:31:00 -0500
Subject: [PATCH 05/42] Add malicious package entry: debug-mj
Signed-off-by: Chi Tran
---
.../npm/debug-mj/MAL-0000-debug-mj.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json
diff --git a/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json b/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json
new file mode 100644
index 0000000000..cb2e2b616a
--- /dev/null
+++ b/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:31:00.331Z",
+ "published": "2025-10-14T03:31:00.331Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in debug-mj package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "debug-mj"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.0.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From 13ff0d488c152d81b8682e548342e00027357b93 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:34:53 -0500
Subject: [PATCH 06/42] Add malicious package entry: sb_wm_integrator
Signed-off-by: Chi Tran
---
.../MAL-0000-sbwmintegrator.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/sb_wm_integrator/MAL-0000-sbwmintegrator.json
diff --git a/osv/malicious/npm/sb_wm_integrator/MAL-0000-sbwmintegrator.json b/osv/malicious/npm/sb_wm_integrator/MAL-0000-sbwmintegrator.json
new file mode 100644
index 0000000000..e4582df237
--- /dev/null
+++ b/osv/malicious/npm/sb_wm_integrator/MAL-0000-sbwmintegrator.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:34:53.060Z",
+ "published": "2025-10-14T03:34:53.060Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in sb_wm_integrator package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "sb_wm_integrator"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "10.0.33"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From f23f44c7320356e6b968b5f6913862ae88ca04fe Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:35:30 -0500
Subject: [PATCH 07/42] Add malicious package entry: iwf-ant-design-draggable-modal
Signed-off-by: Chi Tran
---
...L-0000-iwf-ant-design-draggable-modal.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/iwf-ant-design-draggable-modal/MAL-0000-iwf-ant-design-draggable-modal.json
diff --git a/osv/malicious/npm/iwf-ant-design-draggable-modal/MAL-0000-iwf-ant-design-draggable-modal.json b/osv/malicious/npm/iwf-ant-design-draggable-modal/MAL-0000-iwf-ant-design-draggable-modal.json
new file mode 100644
index 0000000000..6c9e61605b
--- /dev/null
+++ b/osv/malicious/npm/iwf-ant-design-draggable-modal/MAL-0000-iwf-ant-design-draggable-modal.json
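Review bot: The file holding this record is named `MAL-0000-sbwmintegrator.json` (see the file header above the hunk), which drops the underscores of the package name `sb_wm_integrator` used for the directory and for the `name` field. Patch 15 of the same series keeps them in `MAL-0000-ui-library_mercadolibre.json` and `MAL-0000-yugabyte_cloud.json`, so the series is inconsistent; `MAL-0000-sb_wm_integrator.json` would match. A filename that does not mirror the package name makes it harder to spot a duplicate report by path, so it is worth checking against the repository's naming rules before merge.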
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:35:29.945Z",
+ "published": "2025-10-14T03:35:29.945Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in iwf-ant-design-draggable-modal package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "iwf-ant-design-draggable-modal"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.0.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From d89ad892038647fe4c68766539d9567f2800fc61 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:46:48 -0500
Subject: [PATCH 08/42] Add malicious package entry: private-callout-queue
Signed-off-by: Chi Tran
---
.../MAL-0000-private-callout-queue.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json
diff --git a/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json b/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json
new file mode 100644
index 0000000000..b271e5d53e
--- /dev/null
+++ b/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:46:47.627Z",
+ "published": "2025-10-14T03:46:47.627Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in private-callout-queue package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "private-callout-queue"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "999.0.1"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From 66ab1b876d96cf6d49a781ea06409ff236e1b5e3 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:46:54 -0500
Subject: [PATCH 09/42] Add malicious package entry: private-callouts
Signed-off-by: Chi Tran
---
.../MAL-0000-private-callouts.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json
diff --git a/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json b/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json
new file mode 100644
index 0000000000..d738bb7a4b
--- /dev/null
+++ b/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:46:54.674Z",
+ "published": "2025-10-14T03:46:54.674Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in private-callouts package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "private-callouts"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "999.0.1"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
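Review bot: The `SEMVER` range in the private-callout-queue record starts at `"introduced": "999.0.1"` and has no `fixed` or `last_affected` event, so every release below 999.0.1 is reported as unaffected and every later one as affected, yet the record does not say which versions were actually examined. If the whole package is attacker-controlled, `"introduced": "0"` (the form patch 15 uses) would cover it; if only the observed release is known to be bad, an explicit `"versions": ["999.0.1"]` list states the finding more precisely. A version number this high often accompanies dependency-confusion uploads, but that is an inference from the number alone and should be confirmed against the analysis. The same range appears in the records added by patches 09–13.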
From cd22dcec87e13b266476cf01149046b8cf4c2f51 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:47:07 -0500
Subject: [PATCH 10/42] Add malicious package entry: company-request-access
Signed-off-by: Chi Tran
---
.../MAL-0000-company-request-access.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json
diff --git a/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json b/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json
new file mode 100644
index 0000000000..44659dbd03
--- /dev/null
+++ b/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:47:06.728Z",
+ "published": "2025-10-14T03:47:06.728Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in company-request-access package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "company-request-access"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "999.0.1"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From eebede16b9d988b3f3bd328c748ef1d3ea084d37 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:47:22 -0500
Subject: [PATCH 11/42] Add malicious package entry: company-overview
Signed-off-by: Chi Tran
---
.../MAL-0000-company-overview.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/company-overview/MAL-0000-company-overview.json
diff --git a/osv/malicious/npm/company-overview/MAL-0000-company-overview.json b/osv/malicious/npm/company-overview/MAL-0000-company-overview.json
new file mode 100644
index 0000000000..969ba91f84
--- /dev/null
+++ b/osv/malicious/npm/company-overview/MAL-0000-company-overview.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:47:22.369Z",
+ "published": "2025-10-14T03:47:22.369Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in company-overview package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "company-overview"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "999.0.1"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From d3b7b1d4207eb84202c65cc0f603d834bdd697b5 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:47:34 -0500
Subject: [PATCH 12/42] Add malicious package entry: company-access-pending
Signed-off-by: Chi Tran
---
.../MAL-0000-company-access-pending.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json
diff --git a/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json b/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json
new file mode 100644
index 0000000000..ebff35ec36
--- /dev/null
+++ b/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:47:34.261Z",
+ "published": "2025-10-14T03:47:34.261Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in company-access-pending package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "company-access-pending"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "999.0.1"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From 550ddebd4b5b40fe2b805ee35228f4ca065592c0 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Mon, 13 Oct 2025 22:47:47 -0500
Subject: [PATCH 13/42] Add malicious package entry: company-logo
Signed-off-by: Chi Tran
---
.../company-logo/MAL-0000-company-logo.json | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 osv/malicious/npm/company-logo/MAL-0000-company-logo.json
diff --git a/osv/malicious/npm/company-logo/MAL-0000-company-logo.json b/osv/malicious/npm/company-logo/MAL-0000-company-logo.json
new file mode 100644
index 0000000000..7e28d45865
--- /dev/null
+++ b/osv/malicious/npm/company-logo/MAL-0000-company-logo.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T03:47:47.588Z",
+ "published": "2025-10-14T03:47:47.588Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in company-logo package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "company-logo"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "999.0.1"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From f0935a028bfc53ec3cf088942adf6c9f3f13e877 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Mon, 13 Oct 2025 22:50:38 -0500 Subject: [PATCH 14/42] Added reports Signed-off-by: Chi Tran --- .../analytics-data-collection-fe/MAL-2025-48316.json | 7 +++++++ .../npm/cloak-withdraw-proofs/MAL-2025-48317.json | 7 +++++++ .../npm/my-unique-package-here/MAL-2025-48314.json | 10 +++++++++- .../npm/scr-web-production/MAL-2025-48346.json | 9 +++++++++ osv/malicious/npm/superbet-icons/MAL-2025-48312.json | 8 ++++++++ .../npm/vue-analytics-plugin/MAL-2025-48313.json | 8 ++++++++ osv/malicious/npm/wt-react/MAL-2025-48402.json | 7 +++++++ 7 files changed, 55 insertions(+), 1 deletion(-) diff --git a/osv/malicious/npm/analytics-data-collection-fe/MAL-2025-48316.json b/osv/malicious/npm/analytics-data-collection-fe/MAL-2025-48316.json index 0b9974161c..a9283b8ea2 100644 --- a/osv/malicious/npm/analytics-data-collection-fe/MAL-2025-48316.json +++ b/osv/malicious/npm/analytics-data-collection-fe/MAL-2025-48316.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/cloak-withdraw-proofs/MAL-2025-48317.json b/osv/malicious/npm/cloak-withdraw-proofs/MAL-2025-48317.json index 113d7ee8e9..de2b9bfc31 100644 --- a/osv/malicious/npm/cloak-withdraw-proofs/MAL-2025-48317.json +++ b/osv/malicious/npm/cloak-withdraw-proofs/MAL-2025-48317.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/my-unique-package-here/MAL-2025-48314.json b/osv/malicious/npm/my-unique-package-here/MAL-2025-48314.json index 657121d76b..0742af0560 100644 --- a/osv/malicious/npm/my-unique-package-here/MAL-2025-48314.json 
+++ b/osv/malicious/npm/my-unique-package-here/MAL-2025-48314.json @@ -16,11 +16,19 @@ "1.0.9", "1.0.12", "1.0.14", - "1.0.8" + "1.0.8", + "1.0.11" ] } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/scr-web-production/MAL-2025-48346.json b/osv/malicious/npm/scr-web-production/MAL-2025-48346.json index c1d1a991fa..a6034105ab 100644 --- a/osv/malicious/npm/scr-web-production/MAL-2025-48346.json +++ b/osv/malicious/npm/scr-web-production/MAL-2025-48346.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/superbet-icons/MAL-2025-48312.json b/osv/malicious/npm/superbet-icons/MAL-2025-48312.json index af5e9000c8..5f9d69a573 100644 --- a/osv/malicious/npm/superbet-icons/MAL-2025-48312.json +++ b/osv/malicious/npm/superbet-icons/MAL-2025-48312.json @@ -12,11 +12,19 @@ "name": "superbet-icons" }, "versions": [ + "9.9.21", "9.9.22" ] } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/vue-analytics-plugin/MAL-2025-48313.json b/osv/malicious/npm/vue-analytics-plugin/MAL-2025-48313.json index 095712821b..7c09d00a25 100644 --- a/osv/malicious/npm/vue-analytics-plugin/MAL-2025-48313.json +++ b/osv/malicious/npm/vue-analytics-plugin/MAL-2025-48313.json @@ -12,11 +12,19 @@ "name": "vue-analytics-plugin" }, "versions": [ + "9.9.20", "9.9.21" ] } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", 
diff --git a/osv/malicious/npm/wt-react/MAL-2025-48402.json b/osv/malicious/npm/wt-react/MAL-2025-48402.json index d7551a7ff9..afed5d0c33 100644 --- a/osv/malicious/npm/wt-react/MAL-2025-48402.json +++ b/osv/malicious/npm/wt-react/MAL-2025-48402.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", From 234a6db0c2bb14cb77a655737bd621845d629505 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Mon, 13 Oct 2025 23:25:54 -0500 Subject: [PATCH 15/42] Added & merged reports 
Signed-off-by: Chi Tran --- .../sdk/MAL-0000-custom-widget-sdk.json | 34 +++++++++++++++++++ .../backoffice-test-api/MAL-2025-48289.json | 11 +++++- .../core/MAL-0000-gala-analytics-core.json | 34 +++++++++++++++++++ ...L-0000-gtpn-eslint-config-progressive.json | 34 +++++++++++++++++++ .../MAL-0000-naviance-translation-client.json | 34 +++++++++++++++++++ .../commons/MAL-0000-sudt-faucet-commons.json | 34 +++++++++++++++++++ .../MAL-0000-taskrabbit-meadow-web.json | 34 +++++++++++++++++++ .../MAL-0000-undress-ai-best-undress-ai.json | 34 +++++++++++++++++++ ...000-upside-flex-common-typescript-lib.json | 34 +++++++++++++++++++ ...L-0000-wen-community-wen-new-standard.json | 34 +++++++++++++++++++ .../MAL-0000-ab-test-wordpress.json | 14 +++++--- .../MAL-0000-ab-testing-for-wp.json | 14 +++++--- .../advertising-charts/MAL-2025-48271.json | 11 +++++- .../andes-react-floater/MAL-2025-48272.json | 11 +++++- .../aptos-protos/MAL-0000-aptos-protos.json | 34 +++++++++++++++++++ .../MAL-2025-48241.json | 11 +++++- .../MAL-2025-48273.json | 11 +++++- .../MAL-2025-48274.json | 11 +++++- .../npm/chai-utils/MAL-2025-48242.json | 11 +++++- .../npm/codegrid-js/MAL-0000-codegrid-js.json | 34 +++++++++++++++++++ .../MAL-0000-company-access-pending.json | 14 +++++--- .../company-logo/MAL-0000-company-logo.json | 14 +++++--- .../MAL-0000-company-overview.json | 14 +++++--- .../MAL-0000-company-request-access.json | 14 +++++--- .../cx-contact-hub-lib/MAL-2025-48275.json | 11 +++++- .../MAL-2025-48276.json | 11 +++++- .../npm/debug-mj-v3/MAL-0000-debug-mj-v3.json | 14 +++++--- .../npm/debug-mj/MAL-0000-debug-mj.json | 14 +++++--- .../npm/doppler-sdk/MAL-0000-doppler-sdk.json | 34 +++++++++++++++++++ .../npm/dt-frontend-utils/MAL-2025-48277.json | 11 +++++- .../eslint-config-jest/MAL-2025-48323.json | 11 +++++- .../npm/eslint-js-config/MAL-2025-48291.json | 11 +++++- .../MAL-2025-48278.json | 11 +++++- .../npm/frontend-layout/MAL-2025-48279.json | 11 +++++- .../MAL-2025-48280.json | 
11 +++++- .../frontend-photoswipe/MAL-2025-48281.json | 11 +++++- .../MAL-2025-48282.json | 11 +++++- .../npm/graphorbit/MAL-2025-48400.json | 11 +++++- .../MAL-0000-humansdotai-humans-client.json | 34 +++++++++++++++++++ .../ing-util-analytics6/MAL-2025-48315.json | 9 ++++- .../MAL-2025-48283.json | 11 +++++- .../npm/internallib_v125/MAL-2025-48324.json | 11 +++++- .../npm/internallib_v14/MAL-2025-48325.json | 11 +++++- .../npm/internallib_v190/MAL-2025-48326.json | 11 +++++- .../npm/internallib_v600/MAL-2025-48327.json | 11 +++++- .../MAL-2025-48328.json | 11 +++++- .../npm/internallib_v838/MAL-2025-48329.json | 11 +++++- ...L-0000-iwf-ant-design-draggable-modal.json | 14 +++++--- .../npm/js-notifiers/MAL-2025-48243.json | 11 +++++- .../MAL-2025-48293.json | 11 +++++- .../npm/kpi-media-metrics/MAL-2025-48244.json | 11 +++++- .../npm/log4action/MAL-2025-48299.json | 11 +++++- .../npm/lovable-ts/MAL-2025-48300.json | 11 +++++- .../npm/mad-1.0.0.2.2.8./MAL-2025-48245.json | 11 +++++- .../npm/mad-1.2.2.2.2.8/MAL-2025-48330.json | 11 +++++- .../npm/mad-1.2.3.2.2.8/MAL-2025-48331.json | 11 +++++- .../npm/mad-1.2.4.2.2.8/MAL-2025-48332.json | 11 +++++- .../npm/mad-1.2.5.2.2.8/MAL-2025-48333.json | 11 +++++- .../npm/mad-1.2.6.2.2.8/MAL-2025-48334.json | 11 +++++- .../npm/mad-1.2.7.2.2.8/MAL-2025-48335.json | 11 +++++- .../npm/mad-1.2.8.2.2.8/MAL-2025-48336.json | 11 +++++- .../npm/mad-1.2.9.2.2.8/MAL-2025-48246.json | 11 +++++- .../npm/mad-1.4.0.2.2.8/MAL-2025-48247.json | 11 +++++- .../npm/mad-1.4.1.2.2.8/MAL-2025-48248.json | 11 +++++- .../npm/mad-1.4.2.2.2.8/MAL-2025-48249.json | 11 +++++- .../npm/mad-10.1.1.2.2.8/MAL-2025-48250.json | 11 +++++- .../npm/mad-10.2.1.2.2.8/MAL-2025-48251.json | 11 +++++- .../npm/mad-2.0.0.2.2.8./MAL-2025-48252.json | 11 +++++- .../npm/mad-2.0.1.2.2.8./MAL-2025-48253.json | 11 +++++- .../npm/mad-2.0.2.2.2.8./MAL-2025-48254.json | 11 +++++- .../npm/mad-2.4.0.2.2.8/MAL-2025-48255.json | 11 +++++- .../npm/mad-2.4.1.2.2.8/MAL-2025-48256.json 
| 11 +++++- .../npm/mad-3.0.0.2.2.8./MAL-2025-48257.json | 11 +++++- .../npm/mad-3.0.1.2.2.8./MAL-2025-48258.json | 11 +++++- .../npm/mad-3.0.2.2.2.8./MAL-2025-48259.json | 11 +++++- .../npm/mad-3.2.1.2.2.8/MAL-2025-48337.json | 11 +++++- .../npm/mad-4.0.0.2.2.8./MAL-2025-48260.json | 11 +++++- .../npm/mad-4.0.1.2.2.8./MAL-2025-48261.json | 11 +++++- .../npm/mad-4.2.1.2.2.8/MAL-2025-48338.json | 11 +++++- .../npm/mad-5.0.0.2.2.8./MAL-2025-48262.json | 11 +++++- .../npm/mad-8.2.1.2.2.8/MAL-2025-48339.json | 11 +++++- .../npm/matrix-charts/MAL-2025-48298.json | 11 +++++- .../melichat-chat-library/MAL-2025-48284.json | 11 +++++- .../MAL-0000-metronome-utils.json | 34 +++++++++++++++++++ .../npm/mongodb-orn/MAL-2025-48301.json | 11 +++++- .../npm/mp3-web-lib/MAL-2025-48285.json | 11 +++++- .../MAL-2025-48286.json | 11 +++++- .../npm/nf-iso-properties/MAL-2025-48294.json | 11 +++++- .../npm/nodelog-lite/MAL-2025-48318.json | 11 +++++- .../npm/nodelogex/MAL-2025-48270.json | 11 +++++- .../npm/nodemon-pkg/MAL-2025-48263.json | 11 +++++- .../npm/orbital-ledger/MAL-2025-48264.json | 11 +++++- .../phlex-core-ui/MAL-0000-phlex-core-ui.json | 34 +++++++++++++++++++ .../phoenix-experience/MAL-2025-48265.json | 11 +++++- .../npm/pino-node/MAL-2025-48295.json | 11 +++++- .../pretty-format-setting/MAL-2025-48319.json | 11 +++++- .../MAL-0000-private-callout-queue.json | 14 +++++--- .../MAL-0000-private-callouts.json | 14 +++++--- .../npm/project-serum/MAL-2025-48340.json | 11 +++++- .../qrcode-pretty-react/MAL-2025-48302.json | 11 +++++- .../npm/react-copack/MAL-2025-48266.json | 11 +++++- .../react-icons-loader/MAL-2025-48296.json | 11 +++++- .../MAL-2025-48267.json | 11 +++++- .../npm/react-tediter/MAL-2025-48320.json | 11 +++++- .../npm/react-toast-ui/MAL-2025-48303.json | 11 +++++- .../npm/react-ui-toast/MAL-2025-48321.json | 11 +++++- .../MAL-0000-sbwmintegrator.json | 14 +++++--- .../npm/scr-cloud-project/MAL-2025-48341.json | 11 +++++- 
.../npm/scr-database/MAL-2025-48342.json | 11 +++++- .../npm/scr-file-theme/MAL-2025-48343.json | 11 +++++- .../MAL-2025-48344.json | 11 +++++- .../scr-theme-production/MAL-2025-48345.json | 11 +++++- .../npm/shakti-platform/MAL-2025-48297.json | 11 +++++- .../npm/simple-app-theme/MAL-2025-48347.json | 9 ++++- .../npm/simple-icon-maker/MAL-2025-48304.json | 11 +++++- .../npm/simple-scr-app/MAL-2025-48348.json | 11 +++++- .../npm/sp-web-utils-lib/MAL-2025-48287.json | 11 +++++- .../MAL-0000-spot-electron-sdk.json | 14 +++++--- .../MAL-2025-48401.json | 9 ++++- .../MAL-2025-48305.json | 11 +++++- .../tailwindcss-animatexs/MAL-2025-48306.json | 11 +++++- .../tailwindcss-remotion/MAL-2025-48307.json | 11 +++++- .../token_security_check/MAL-2025-48238.json | 11 +++++- .../tw-webkit-universal/MAL-2025-48288.json | 11 +++++- .../MAL-0000-ui-library_mercadolibre.json | 34 +++++++++++++++++++ .../MAL-2025-48322.json | 11 +++++- .../vite-configs-viewer/MAL-2025-48268.json | 11 +++++- .../npm/vite-next-loggers/MAL-2025-48269.json | 11 +++++- .../vite-plugin-es6-babel/MAL-2025-48308.json | 11 +++++- .../npm/vite-plugin-parse/MAL-2025-48309.json | 11 +++++- .../MAL-2025-48310.json | 11 +++++- .../MAL-0000-web-palette-react.json | 34 +++++++++++++++++++ .../npm/web3-io-ethers/MAL-2025-48239.json | 11 +++++- .../npm/web3j-io-ethers/MAL-2025-48240.json | 11 +++++- .../MAL-2025-48311.json | 11 +++++- .../MAL-2025-48349.json | 11 +++++- .../MAL-0000-yugabyte_cloud.json | 34 +++++++++++++++++++ 137 files changed, 1783 insertions(+), 171 deletions(-) create mode 100644 osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json create mode 100644 osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json create mode 100644 osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json create mode 100644 osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json create mode 100644 
osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json create mode 100644 osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json create mode 100644 osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json create mode 100644 osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json create mode 100644 osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json create mode 100644 osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json create mode 100644 osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json create mode 100644 osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json create mode 100644 osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json create mode 100644 osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json create mode 100644 osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json create mode 100644 osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json create mode 100644 osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json create mode 100644 osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json diff --git a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json new file mode 100644 index 0000000000..2eebc6826c --- /dev/null +++ b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-14T04:24:22Z", + "published": "2025-10-14T04:24:22Z", + "schema_version": "1.5.0", + "summary": "Malicious code in @custom-widget/sdk (npm)", + "details": "The package @custom-widget/sdk was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "@custom-widget/sdk" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@evo-tech/backoffice-test-api/MAL-2025-48289.json b/osv/malicious/npm/@evo-tech/backoffice-test-api/MAL-2025-48289.json index fe63c067d7..702c66c56a 100644 --- a/osv/malicious/npm/@evo-tech/backoffice-test-api/MAL-2025-48289.json +++ b/osv/malicious/npm/@evo-tech/backoffice-test-api/MAL-2025-48289.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json new file mode 100644 index 0000000000..4695b2650e --- /dev/null +++ b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json 
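Review bot: `"introduced": "0"` in the new @custom-widget/sdk record marks every published version as malicious, while `details` only says the package "was found to contain malicious code" and gives no version, indicator or reference. If only particular releases were analysed, list them in `versions` instead; a blanket range on a scoped name will also flag any legitimate release under that name, should one exist. The `modified` and `published` values are the same `2025-10-14T04:24:22Z` in all the new records visible in this patch, which suggests they were generated in bulk, so the per-package evidence is worth spot-checking before merge. The other new-file hunks of patch 15 follow the same pattern.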
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in @gala-analytics/core (npm)",
+ "details": "The package @gala-analytics/core was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@gala-analytics/core"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json
new file mode 100644
index 0000000000..582c8b542d
--- /dev/null
+++ b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in @gtpn/eslint-config-progressive (npm)",
+ "details": "The package @gtpn/eslint-config-progressive was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@gtpn/eslint-config-progressive"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json
new file mode 100644
index 0000000000..1174838c2f
--- /dev/null
+++ b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in @naviance/translation-client (npm)",
+ "details": "The package @naviance/translation-client was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@naviance/translation-client"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json
new file mode 100644
index 0000000000..1dd38e74c4
--- /dev/null
+++ b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in @sudt-faucet/commons (npm)",
+ "details": "The package @sudt-faucet/commons was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@sudt-faucet/commons"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json
new file mode 100644
index 0000000000..bbea411bc7
--- /dev/null
+++ b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in @taskrabbit/meadow-web (npm)",
+ "details": "The package @taskrabbit/meadow-web was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@taskrabbit/meadow-web"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json
new file mode 100644
index 0000000000..cc3abcfe5b
--- /dev/null
+++ b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in @undress-ai/best-undress-ai (npm)",
+ "details": "The package @undress-ai/best-undress-ai was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@undress-ai/best-undress-ai"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json
new file mode 100644
index 0000000000..b7a8a6cd6a
--- /dev/null
+++ b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in @upside/flex-common-typescript-lib (npm)",
+ "details": "The package @upside/flex-common-typescript-lib was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@upside/flex-common-typescript-lib"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json
new file mode 100644
index 0000000000..4469914f98
--- /dev/null
+++ b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in @wen-community/wen-new-standard (npm)",
+ "details": "The package @wen-community/wen-new-standard was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@wen-community/wen-new-standard"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/ab-test-wordpress/MAL-0000-ab-test-wordpress.json b/osv/malicious/npm/ab-test-wordpress/MAL-0000-ab-test-wordpress.json
index 24c682993e..abb517def8 100644
--- a/osv/malicious/npm/ab-test-wordpress/MAL-0000-ab-test-wordpress.json
+++ b/osv/malicious/npm/ab-test-wordpress/MAL-0000-ab-test-wordpress.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:16:35.570Z", - "published": "2025-10-14T03:16:35.570Z", + "modified": "2025-10-14T03:16:35Z", + "published": "2025-10-14T03:16:35Z", "schema_version": "1.5.0", - "summary": "Malicious code in ab-test-wordpress package (npm)", + "id": "", + "summary": "Malicious code in ab-test-wordpress (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/ab-testing-for-wp/MAL-0000-ab-testing-for-wp.json b/osv/malicious/npm/ab-testing-for-wp/MAL-0000-ab-testing-for-wp.json index f51c1d9a37..102527682d 100644 --- a/osv/malicious/npm/ab-testing-for-wp/MAL-0000-ab-testing-for-wp.json +++ b/osv/malicious/npm/ab-testing-for-wp/MAL-0000-ab-testing-for-wp.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:19:52.888Z", - "published": "2025-10-14T03:19:52.888Z", + "modified": "2025-10-14T03:19:52Z", + "published": "2025-10-14T03:19:52Z", "schema_version": "1.5.0", - "summary": "Malicious code in ab-testing-for-wp package (npm)", + "id": "", + "summary": "Malicious code in ab-testing-for-wp (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/advertising-charts/MAL-2025-48271.json b/osv/malicious/npm/advertising-charts/MAL-2025-48271.json index eaaa69a800..10427992f2 100644 --- a/osv/malicious/npm/advertising-charts/MAL-2025-48271.json +++ b/osv/malicious/npm/advertising-charts/MAL-2025-48271.json 
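Review bot: The added `"id": ""` gives this record the same empty identifier as every other `MAL-0000-*` file changed the same way in this patch (ab-testing-for-wp, company-access-pending, company-logo, company-overview, company-request-access, debug-mj-v3, debug-mj, iwf-ant-design-draggable-modal), so a consumer that indexes or de-duplicates on `id` would treat them as one entry. An empty string also passes a presence check that a missing key would fail; if the identifier is assigned later by automation, I would leave the key out until then. The second hunk of this file has a similar placeholder in `"malicious-packages-origins": null`, which forces readers that iterate over origins to special-case it; `"malicious-packages-origins": []` is the safer form when no origin is recorded.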
@@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/andes-react-floater/MAL-2025-48272.json b/osv/malicious/npm/andes-react-floater/MAL-2025-48272.json index 521a016c24..db1ae645e5 100644 --- a/osv/malicious/npm/andes-react-floater/MAL-2025-48272.json +++ b/osv/malicious/npm/andes-react-floater/MAL-2025-48272.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json new file mode 100644 index 0000000000..f75089ad7e --- /dev/null +++ b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-14T04:24:22Z", + "published": "2025-10-14T04:24:22Z", + "schema_version": "1.5.0", + "summary": "Malicious code in aptos-protos (npm)", + "details": "The package aptos-protos was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "aptos-protos" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/bird-clean-sky-request/MAL-2025-48241.json b/osv/malicious/npm/bird-clean-sky-request/MAL-2025-48241.json index 7513b5119e..b12294c766 100644 --- a/osv/malicious/npm/bird-clean-sky-request/MAL-2025-48241.json +++ b/osv/malicious/npm/bird-clean-sky-request/MAL-2025-48241.json 
@@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/buyingflow-core-nav-web/MAL-2025-48273.json b/osv/malicious/npm/buyingflow-core-nav-web/MAL-2025-48273.json index f89de911b1..5738fd4872 100644 --- a/osv/malicious/npm/buyingflow-core-nav-web/MAL-2025-48273.json +++ b/osv/malicious/npm/buyingflow-core-nav-web/MAL-2025-48273.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/cbt-gs-switcher-library/MAL-2025-48274.json b/osv/malicious/npm/cbt-gs-switcher-library/MAL-2025-48274.json index b6fffe9c8e..c5be85329b 100644 --- a/osv/malicious/npm/cbt-gs-switcher-library/MAL-2025-48274.json +++ b/osv/malicious/npm/cbt-gs-switcher-library/MAL-2025-48274.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/chai-utils/MAL-2025-48242.json b/osv/malicious/npm/chai-utils/MAL-2025-48242.json index 80b3b70c8a..c702d92647 100644 --- a/osv/malicious/npm/chai-utils/MAL-2025-48242.json +++ b/osv/malicious/npm/chai-utils/MAL-2025-48242.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file 
diff --git a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json new file mode 100644 index 0000000000..aec6d5bd78 --- /dev/null +++ b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-14T04:24:22Z", + "published": "2025-10-14T04:24:22Z", + "schema_version": "1.5.0", + "summary": "Malicious code in codegrid-js (npm)", + "details": "The package codegrid-js was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "codegrid-js" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json b/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json index ebff35ec36..e2c4a41b09 100644 --- a/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json +++ b/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:47:34.261Z", - "published": "2025-10-14T03:47:34.261Z", + "modified": "2025-10-14T03:47:34Z", + "published": "2025-10-14T03:47:34Z", "schema_version": "1.5.0", - "summary": "Malicious code in company-access-pending package (npm)", + "id": "", + "summary": "Malicious code in company-access-pending (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/company-logo/MAL-0000-company-logo.json b/osv/malicious/npm/company-logo/MAL-0000-company-logo.json index 7e28d45865..ac8852370b 100644 
--- a/osv/malicious/npm/company-logo/MAL-0000-company-logo.json +++ b/osv/malicious/npm/company-logo/MAL-0000-company-logo.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:47:47.588Z", - "published": "2025-10-14T03:47:47.588Z", + "modified": "2025-10-14T03:47:47Z", + "published": "2025-10-14T03:47:47Z", "schema_version": "1.5.0", - "summary": "Malicious code in company-logo package (npm)", + "id": "", + "summary": "Malicious code in company-logo (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/company-overview/MAL-0000-company-overview.json b/osv/malicious/npm/company-overview/MAL-0000-company-overview.json index 969ba91f84..2e53a24775 100644 --- a/osv/malicious/npm/company-overview/MAL-0000-company-overview.json +++ b/osv/malicious/npm/company-overview/MAL-0000-company-overview.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:47:22.369Z", - "published": "2025-10-14T03:47:22.369Z", + "modified": "2025-10-14T03:47:22Z", + "published": "2025-10-14T03:47:22Z", "schema_version": "1.5.0", - "summary": "Malicious code in company-overview package (npm)", + "id": "", + "summary": "Malicious code in company-overview (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json b/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json index 44659dbd03..60987eb2c3 100644 --- a/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json 
+++ b/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:47:06.728Z", - "published": "2025-10-14T03:47:06.728Z", + "modified": "2025-10-14T03:47:06Z", + "published": "2025-10-14T03:47:06Z", "schema_version": "1.5.0", - "summary": "Malicious code in company-request-access package (npm)", + "id": "", + "summary": "Malicious code in company-request-access (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/cx-contact-hub-lib/MAL-2025-48275.json b/osv/malicious/npm/cx-contact-hub-lib/MAL-2025-48275.json index bb457ead12..9a5c2afb84 100644 --- a/osv/malicious/npm/cx-contact-hub-lib/MAL-2025-48275.json +++ b/osv/malicious/npm/cx-contact-hub-lib/MAL-2025-48275.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/cx-hub-interaction-ui-lib/MAL-2025-48276.json b/osv/malicious/npm/cx-hub-interaction-ui-lib/MAL-2025-48276.json index 5da31f1093..6991820cce 100644 --- a/osv/malicious/npm/cx-hub-interaction-ui-lib/MAL-2025-48276.json +++ b/osv/malicious/npm/cx-hub-interaction-ui-lib/MAL-2025-48276.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json b/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json index f70c5e1b58..3aa753b0f6 100644 
--- a/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json +++ b/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:28:14.363Z", - "published": "2025-10-14T03:28:14.363Z", + "modified": "2025-10-14T03:28:14Z", + "published": "2025-10-14T03:28:14Z", "schema_version": "1.5.0", - "summary": "Malicious code in debug-mj-v3 package (npm)", + "id": "", + "summary": "Malicious code in debug-mj-v3 (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json b/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json index cb2e2b616a..540f4e1fa4 100644 --- a/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json +++ b/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:31:00.331Z", - "published": "2025-10-14T03:31:00.331Z", + "modified": "2025-10-14T03:31:00Z", + "published": "2025-10-14T03:31:00Z", "schema_version": "1.5.0", - "summary": "Malicious code in debug-mj package (npm)", + "id": "", + "summary": "Malicious code in debug-mj (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json new file mode 100644 index 0000000000..baa80904f8 --- /dev/null +++ b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-14T04:24:22Z", + "published": "2025-10-14T04:24:22Z", + "schema_version": "1.5.0", + "summary": "Malicious code in doppler-sdk (npm)", + "details": "The package doppler-sdk was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "doppler-sdk" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/dt-frontend-utils/MAL-2025-48277.json b/osv/malicious/npm/dt-frontend-utils/MAL-2025-48277.json index 2ed44ff888..4c4886879c 100644 --- a/osv/malicious/npm/dt-frontend-utils/MAL-2025-48277.json +++ b/osv/malicious/npm/dt-frontend-utils/MAL-2025-48277.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/eslint-config-jest/MAL-2025-48323.json b/osv/malicious/npm/eslint-config-jest/MAL-2025-48323.json index 8cefbabe03..10deb5a1ba 100644 --- a/osv/malicious/npm/eslint-config-jest/MAL-2025-48323.json +++ b/osv/malicious/npm/eslint-config-jest/MAL-2025-48323.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/eslint-js-config/MAL-2025-48291.json b/osv/malicious/npm/eslint-js-config/MAL-2025-48291.json index ad0a674d25..b86cdcb83b 100644 --- a/osv/malicious/npm/eslint-js-config/MAL-2025-48291.json +++ b/osv/malicious/npm/eslint-js-config/MAL-2025-48291.json 
@@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/frontend-google-tag-manager/MAL-2025-48278.json b/osv/malicious/npm/frontend-google-tag-manager/MAL-2025-48278.json index c306d289f7..1f5b054e49 100644 --- a/osv/malicious/npm/frontend-google-tag-manager/MAL-2025-48278.json +++ b/osv/malicious/npm/frontend-google-tag-manager/MAL-2025-48278.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/frontend-layout/MAL-2025-48279.json b/osv/malicious/npm/frontend-layout/MAL-2025-48279.json index e0e2f1a33a..6531020a3c 100644 --- a/osv/malicious/npm/frontend-layout/MAL-2025-48279.json +++ b/osv/malicious/npm/frontend-layout/MAL-2025-48279.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/frontend-metrics-collector-sdk/MAL-2025-48280.json b/osv/malicious/npm/frontend-metrics-collector-sdk/MAL-2025-48280.json index a851e99d27..4018c22dae 100644 --- a/osv/malicious/npm/frontend-metrics-collector-sdk/MAL-2025-48280.json +++ b/osv/malicious/npm/frontend-metrics-collector-sdk/MAL-2025-48280.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file 
diff --git a/osv/malicious/npm/frontend-photoswipe/MAL-2025-48281.json b/osv/malicious/npm/frontend-photoswipe/MAL-2025-48281.json index 5db747fd67..70fb3f4966 100644 --- a/osv/malicious/npm/frontend-photoswipe/MAL-2025-48281.json +++ b/osv/malicious/npm/frontend-photoswipe/MAL-2025-48281.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/frontend-prevent-open-redirect/MAL-2025-48282.json b/osv/malicious/npm/frontend-prevent-open-redirect/MAL-2025-48282.json index 4ffb648047..c292237410 100644 --- a/osv/malicious/npm/frontend-prevent-open-redirect/MAL-2025-48282.json +++ b/osv/malicious/npm/frontend-prevent-open-redirect/MAL-2025-48282.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/graphorbit/MAL-2025-48400.json b/osv/malicious/npm/graphorbit/MAL-2025-48400.json index 09433e25a9..9bafee0c3a 100644 --- a/osv/malicious/npm/graphorbit/MAL-2025-48400.json +++ b/osv/malicious/npm/graphorbit/MAL-2025-48400.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json new file mode 100644 index 0000000000..5b707d95bc --- /dev/null +++ b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-14T04:24:22Z", + "published": "2025-10-14T04:24:22Z", + "schema_version": "1.5.0", + "summary": "Malicious code in humansdotai-humans-client (npm)", + "details": "The package humansdotai-humans-client was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "humansdotai-humans-client" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/ing-util-analytics6/MAL-2025-48315.json b/osv/malicious/npm/ing-util-analytics6/MAL-2025-48315.json index 3064a706d8..668cf3e8b7 100644 --- a/osv/malicious/npm/ing-util-analytics6/MAL-2025-48315.json +++ b/osv/malicious/npm/ing-util-analytics6/MAL-2025-48315.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", @@ -39,4 +46,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/internal-checkout-bricks/MAL-2025-48283.json b/osv/malicious/npm/internal-checkout-bricks/MAL-2025-48283.json index da916ec48f..0738da98ba 100644 --- a/osv/malicious/npm/internal-checkout-bricks/MAL-2025-48283.json +++ b/osv/malicious/npm/internal-checkout-bricks/MAL-2025-48283.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/internallib_v125/MAL-2025-48324.json b/osv/malicious/npm/internallib_v125/MAL-2025-48324.json index 2b7a989750..b92ec5e49c 100644 --- a/osv/malicious/npm/internallib_v125/MAL-2025-48324.json 
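Review bot: In the ing-util-analytics6 hunk (`@@ -17,6 +17,13 @@`) the new `Amazon Inspector` credit is inserted ahead of the existing `OpenSSF: Package Analysis` entry, and both carry `"type": "FINDER"`, yet the visible lines add no reference or origin that records a second, independent detection. For a threat-intelligence record the attribution should be traceable, so I would append the new entry after the existing one and add the matching source information in the same change. The rest of the record is outside the hunk, so it may already contain such an origin; if so, this is only a note about ordering.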
+++ b/osv/malicious/npm/internallib_v125/MAL-2025-48324.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/internallib_v14/MAL-2025-48325.json b/osv/malicious/npm/internallib_v14/MAL-2025-48325.json index 860a35f48c..38de972807 100644 --- a/osv/malicious/npm/internallib_v14/MAL-2025-48325.json +++ b/osv/malicious/npm/internallib_v14/MAL-2025-48325.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/internallib_v190/MAL-2025-48326.json b/osv/malicious/npm/internallib_v190/MAL-2025-48326.json index d6daf62066..df7f37f6cc 100644 --- a/osv/malicious/npm/internallib_v190/MAL-2025-48326.json +++ b/osv/malicious/npm/internallib_v190/MAL-2025-48326.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/internallib_v600/MAL-2025-48327.json b/osv/malicious/npm/internallib_v600/MAL-2025-48327.json index f234dce0ea..ae887a3142 100644 --- a/osv/malicious/npm/internallib_v600/MAL-2025-48327.json +++ b/osv/malicious/npm/internallib_v600/MAL-2025-48327.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file 
diff --git a/osv/malicious/npm/internallib_v730-teste/MAL-2025-48328.json b/osv/malicious/npm/internallib_v730-teste/MAL-2025-48328.json index bf6995f373..bbb8db98c9 100644 --- a/osv/malicious/npm/internallib_v730-teste/MAL-2025-48328.json +++ b/osv/malicious/npm/internallib_v730-teste/MAL-2025-48328.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/internallib_v838/MAL-2025-48329.json b/osv/malicious/npm/internallib_v838/MAL-2025-48329.json index 928b539f08..511d120208 100644 --- a/osv/malicious/npm/internallib_v838/MAL-2025-48329.json +++ b/osv/malicious/npm/internallib_v838/MAL-2025-48329.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/iwf-ant-design-draggable-modal/MAL-0000-iwf-ant-design-draggable-modal.json b/osv/malicious/npm/iwf-ant-design-draggable-modal/MAL-0000-iwf-ant-design-draggable-modal.json index 6c9e61605b..7a0b5754f1 100644 --- a/osv/malicious/npm/iwf-ant-design-draggable-modal/MAL-0000-iwf-ant-design-draggable-modal.json +++ b/osv/malicious/npm/iwf-ant-design-draggable-modal/MAL-0000-iwf-ant-design-draggable-modal.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:35:29.945Z", - "published": "2025-10-14T03:35:29.945Z", + "modified": "2025-10-14T03:35:29Z", + "published": "2025-10-14T03:35:29Z", "schema_version": "1.5.0", - "summary": "Malicious code in iwf-ant-design-draggable-modal package (npm)", + "id": "", + "summary": "Malicious code in iwf-ant-design-draggable-modal (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { 
@@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/js-notifiers/MAL-2025-48243.json b/osv/malicious/npm/js-notifiers/MAL-2025-48243.json index d015d7cdad..48895b7233 100644 --- a/osv/malicious/npm/js-notifiers/MAL-2025-48243.json +++ b/osv/malicious/npm/js-notifiers/MAL-2025-48243.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/kn-nf-iso-properties-kn1/MAL-2025-48293.json b/osv/malicious/npm/kn-nf-iso-properties-kn1/MAL-2025-48293.json index b3acdcb47c..cca0654a03 100644 --- a/osv/malicious/npm/kn-nf-iso-properties-kn1/MAL-2025-48293.json +++ b/osv/malicious/npm/kn-nf-iso-properties-kn1/MAL-2025-48293.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/kpi-media-metrics/MAL-2025-48244.json b/osv/malicious/npm/kpi-media-metrics/MAL-2025-48244.json index 5aff831cf5..269c062f3a 100644 --- a/osv/malicious/npm/kpi-media-metrics/MAL-2025-48244.json +++ b/osv/malicious/npm/kpi-media-metrics/MAL-2025-48244.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/log4action/MAL-2025-48299.json b/osv/malicious/npm/log4action/MAL-2025-48299.json index 8695839e55..093f809c39 100644 --- a/osv/malicious/npm/log4action/MAL-2025-48299.json 
+++ b/osv/malicious/npm/log4action/MAL-2025-48299.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/lovable-ts/MAL-2025-48300.json b/osv/malicious/npm/lovable-ts/MAL-2025-48300.json index d57585510c..524e96d478 100644 --- a/osv/malicious/npm/lovable-ts/MAL-2025-48300.json +++ b/osv/malicious/npm/lovable-ts/MAL-2025-48300.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.0.0.2.2.8./MAL-2025-48245.json b/osv/malicious/npm/mad-1.0.0.2.2.8./MAL-2025-48245.json index 20dace106d..a92aa9098a 100644 --- a/osv/malicious/npm/mad-1.0.0.2.2.8./MAL-2025-48245.json +++ b/osv/malicious/npm/mad-1.0.0.2.2.8./MAL-2025-48245.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.2.2.2.2.8/MAL-2025-48330.json b/osv/malicious/npm/mad-1.2.2.2.2.8/MAL-2025-48330.json index 98b9bae627..b4fe3a0633 100644 --- a/osv/malicious/npm/mad-1.2.2.2.2.8/MAL-2025-48330.json +++ b/osv/malicious/npm/mad-1.2.2.2.2.8/MAL-2025-48330.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.2.3.2.2.8/MAL-2025-48331.json b/osv/malicious/npm/mad-1.2.3.2.2.8/MAL-2025-48331.json index e4e10355e9..8f7673585a 100644 
--- a/osv/malicious/npm/mad-1.2.3.2.2.8/MAL-2025-48331.json +++ b/osv/malicious/npm/mad-1.2.3.2.2.8/MAL-2025-48331.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.2.4.2.2.8/MAL-2025-48332.json b/osv/malicious/npm/mad-1.2.4.2.2.8/MAL-2025-48332.json index 979ffef680..bb21438948 100644 --- a/osv/malicious/npm/mad-1.2.4.2.2.8/MAL-2025-48332.json +++ b/osv/malicious/npm/mad-1.2.4.2.2.8/MAL-2025-48332.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.2.5.2.2.8/MAL-2025-48333.json b/osv/malicious/npm/mad-1.2.5.2.2.8/MAL-2025-48333.json index 4641c36ee9..7198f8e8a5 100644 --- a/osv/malicious/npm/mad-1.2.5.2.2.8/MAL-2025-48333.json +++ b/osv/malicious/npm/mad-1.2.5.2.2.8/MAL-2025-48333.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.2.6.2.2.8/MAL-2025-48334.json b/osv/malicious/npm/mad-1.2.6.2.2.8/MAL-2025-48334.json index e664ca1cd0..5ac2faf395 100644 --- a/osv/malicious/npm/mad-1.2.6.2.2.8/MAL-2025-48334.json +++ b/osv/malicious/npm/mad-1.2.6.2.2.8/MAL-2025-48334.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file 
diff --git a/osv/malicious/npm/mad-1.2.7.2.2.8/MAL-2025-48335.json b/osv/malicious/npm/mad-1.2.7.2.2.8/MAL-2025-48335.json index 6ab0ddedc9..60fbffa31d 100644 --- a/osv/malicious/npm/mad-1.2.7.2.2.8/MAL-2025-48335.json +++ b/osv/malicious/npm/mad-1.2.7.2.2.8/MAL-2025-48335.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.2.8.2.2.8/MAL-2025-48336.json b/osv/malicious/npm/mad-1.2.8.2.2.8/MAL-2025-48336.json index 53bbe7e23d..632dbd78c6 100644 --- a/osv/malicious/npm/mad-1.2.8.2.2.8/MAL-2025-48336.json +++ b/osv/malicious/npm/mad-1.2.8.2.2.8/MAL-2025-48336.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.2.9.2.2.8/MAL-2025-48246.json b/osv/malicious/npm/mad-1.2.9.2.2.8/MAL-2025-48246.json index ef18891da5..c579d53d6a 100644 --- a/osv/malicious/npm/mad-1.2.9.2.2.8/MAL-2025-48246.json +++ b/osv/malicious/npm/mad-1.2.9.2.2.8/MAL-2025-48246.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.4.0.2.2.8/MAL-2025-48247.json b/osv/malicious/npm/mad-1.4.0.2.2.8/MAL-2025-48247.json index 2eaa06c6d8..ad6ea33ab4 100644 --- a/osv/malicious/npm/mad-1.4.0.2.2.8/MAL-2025-48247.json +++ b/osv/malicious/npm/mad-1.4.0.2.2.8/MAL-2025-48247.json 
@@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.4.1.2.2.8/MAL-2025-48248.json b/osv/malicious/npm/mad-1.4.1.2.2.8/MAL-2025-48248.json index e4ec0e7f6b..42d8d1d40d 100644 --- a/osv/malicious/npm/mad-1.4.1.2.2.8/MAL-2025-48248.json +++ b/osv/malicious/npm/mad-1.4.1.2.2.8/MAL-2025-48248.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-1.4.2.2.2.8/MAL-2025-48249.json b/osv/malicious/npm/mad-1.4.2.2.2.8/MAL-2025-48249.json index 86ded44761..c4c511b8bb 100644 --- a/osv/malicious/npm/mad-1.4.2.2.2.8/MAL-2025-48249.json +++ b/osv/malicious/npm/mad-1.4.2.2.2.8/MAL-2025-48249.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-10.1.1.2.2.8/MAL-2025-48250.json b/osv/malicious/npm/mad-10.1.1.2.2.8/MAL-2025-48250.json index d22c1ab2d3..5d79e02430 100644 --- a/osv/malicious/npm/mad-10.1.1.2.2.8/MAL-2025-48250.json +++ b/osv/malicious/npm/mad-10.1.1.2.2.8/MAL-2025-48250.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-10.2.1.2.2.8/MAL-2025-48251.json b/osv/malicious/npm/mad-10.2.1.2.2.8/MAL-2025-48251.json index 3f5bd919c4..9012740d84 100644 
--- a/osv/malicious/npm/mad-10.2.1.2.2.8/MAL-2025-48251.json +++ b/osv/malicious/npm/mad-10.2.1.2.2.8/MAL-2025-48251.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-2.0.0.2.2.8./MAL-2025-48252.json b/osv/malicious/npm/mad-2.0.0.2.2.8./MAL-2025-48252.json index 2cf7a9b5e8..3c58af5ca9 100644 --- a/osv/malicious/npm/mad-2.0.0.2.2.8./MAL-2025-48252.json +++ b/osv/malicious/npm/mad-2.0.0.2.2.8./MAL-2025-48252.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-2.0.1.2.2.8./MAL-2025-48253.json b/osv/malicious/npm/mad-2.0.1.2.2.8./MAL-2025-48253.json index a9df37c938..5a11e7a6f5 100644 --- a/osv/malicious/npm/mad-2.0.1.2.2.8./MAL-2025-48253.json +++ b/osv/malicious/npm/mad-2.0.1.2.2.8./MAL-2025-48253.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-2.0.2.2.2.8./MAL-2025-48254.json b/osv/malicious/npm/mad-2.0.2.2.2.8./MAL-2025-48254.json index 0382e64998..624480978c 100644 --- a/osv/malicious/npm/mad-2.0.2.2.2.8./MAL-2025-48254.json +++ b/osv/malicious/npm/mad-2.0.2.2.2.8./MAL-2025-48254.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file 
diff --git a/osv/malicious/npm/mad-2.4.0.2.2.8/MAL-2025-48255.json b/osv/malicious/npm/mad-2.4.0.2.2.8/MAL-2025-48255.json index 169a70dd9b..4e8939dc0e 100644 --- a/osv/malicious/npm/mad-2.4.0.2.2.8/MAL-2025-48255.json +++ b/osv/malicious/npm/mad-2.4.0.2.2.8/MAL-2025-48255.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-2.4.1.2.2.8/MAL-2025-48256.json b/osv/malicious/npm/mad-2.4.1.2.2.8/MAL-2025-48256.json index 468e05d17c..bac9c06e73 100644 --- a/osv/malicious/npm/mad-2.4.1.2.2.8/MAL-2025-48256.json +++ b/osv/malicious/npm/mad-2.4.1.2.2.8/MAL-2025-48256.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-3.0.0.2.2.8./MAL-2025-48257.json b/osv/malicious/npm/mad-3.0.0.2.2.8./MAL-2025-48257.json index 16aae4e12f..55f0714930 100644 --- a/osv/malicious/npm/mad-3.0.0.2.2.8./MAL-2025-48257.json +++ b/osv/malicious/npm/mad-3.0.0.2.2.8./MAL-2025-48257.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-3.0.1.2.2.8./MAL-2025-48258.json b/osv/malicious/npm/mad-3.0.1.2.2.8./MAL-2025-48258.json index 3b8203cf46..440736e35f 100644 --- a/osv/malicious/npm/mad-3.0.1.2.2.8./MAL-2025-48258.json +++ b/osv/malicious/npm/mad-3.0.1.2.2.8./MAL-2025-48258.json 
@@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-3.0.2.2.2.8./MAL-2025-48259.json b/osv/malicious/npm/mad-3.0.2.2.2.8./MAL-2025-48259.json index d5c1b25e9e..b4dde3372a 100644 --- a/osv/malicious/npm/mad-3.0.2.2.2.8./MAL-2025-48259.json +++ b/osv/malicious/npm/mad-3.0.2.2.2.8./MAL-2025-48259.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-3.2.1.2.2.8/MAL-2025-48337.json b/osv/malicious/npm/mad-3.2.1.2.2.8/MAL-2025-48337.json index 4d11b1ac9d..6aecd46007 100644 --- a/osv/malicious/npm/mad-3.2.1.2.2.8/MAL-2025-48337.json +++ b/osv/malicious/npm/mad-3.2.1.2.2.8/MAL-2025-48337.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-4.0.0.2.2.8./MAL-2025-48260.json b/osv/malicious/npm/mad-4.0.0.2.2.8./MAL-2025-48260.json index 4342940bf8..787d3eb6f8 100644 --- a/osv/malicious/npm/mad-4.0.0.2.2.8./MAL-2025-48260.json +++ b/osv/malicious/npm/mad-4.0.0.2.2.8./MAL-2025-48260.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-4.0.1.2.2.8./MAL-2025-48261.json b/osv/malicious/npm/mad-4.0.1.2.2.8./MAL-2025-48261.json index ffc5e7eaeb..511bd800ea 100644 
--- a/osv/malicious/npm/mad-4.0.1.2.2.8./MAL-2025-48261.json +++ b/osv/malicious/npm/mad-4.0.1.2.2.8./MAL-2025-48261.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-4.2.1.2.2.8/MAL-2025-48338.json b/osv/malicious/npm/mad-4.2.1.2.2.8/MAL-2025-48338.json index 212c0e0b1f..0c4e3e56aa 100644 --- a/osv/malicious/npm/mad-4.2.1.2.2.8/MAL-2025-48338.json +++ b/osv/malicious/npm/mad-4.2.1.2.2.8/MAL-2025-48338.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-5.0.0.2.2.8./MAL-2025-48262.json b/osv/malicious/npm/mad-5.0.0.2.2.8./MAL-2025-48262.json index 7acf0ab28f..975284cf3e 100644 --- a/osv/malicious/npm/mad-5.0.0.2.2.8./MAL-2025-48262.json +++ b/osv/malicious/npm/mad-5.0.0.2.2.8./MAL-2025-48262.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mad-8.2.1.2.2.8/MAL-2025-48339.json b/osv/malicious/npm/mad-8.2.1.2.2.8/MAL-2025-48339.json index e0c459138a..431b475f24 100644 --- a/osv/malicious/npm/mad-8.2.1.2.2.8/MAL-2025-48339.json +++ b/osv/malicious/npm/mad-8.2.1.2.2.8/MAL-2025-48339.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file 
diff --git a/osv/malicious/npm/matrix-charts/MAL-2025-48298.json b/osv/malicious/npm/matrix-charts/MAL-2025-48298.json index e07f5faa14..ca79835600 100644 --- a/osv/malicious/npm/matrix-charts/MAL-2025-48298.json +++ b/osv/malicious/npm/matrix-charts/MAL-2025-48298.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/melichat-chat-library/MAL-2025-48284.json b/osv/malicious/npm/melichat-chat-library/MAL-2025-48284.json index 648869d886..129868ebef 100644 --- a/osv/malicious/npm/melichat-chat-library/MAL-2025-48284.json +++ b/osv/malicious/npm/melichat-chat-library/MAL-2025-48284.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json new file mode 100644 index 0000000000..426f3b4609 --- /dev/null +++ b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-14T04:24:22Z", + "published": "2025-10-14T04:24:22Z", + "schema_version": "1.5.0", + "summary": "Malicious code in metronome-utils (npm)", + "details": "The package metronome-utils was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "metronome-utils" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file 
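Review bot: The new MAL-0000-metronome-utils.json gives a consumer nothing to verify the finding with: `details` only says the package "was found to contain malicious code", there is no `references` array, and `"introduced": "0"` marks every published version as affected. Anyone triaging an alert raised from this entry has to repeat the analysis or accept it unchecked. `details` should state what the analysis actually observed and `references` should point to the report behind it; if only some versions were examined, the range should reflect that. MAL-0000-phlex-core-ui.json, added later on this page, has the same shape.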
diff --git a/osv/malicious/npm/mongodb-orn/MAL-2025-48301.json b/osv/malicious/npm/mongodb-orn/MAL-2025-48301.json index 469078cc21..56286d54bd 100644 --- a/osv/malicious/npm/mongodb-orn/MAL-2025-48301.json +++ b/osv/malicious/npm/mongodb-orn/MAL-2025-48301.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mp3-web-lib/MAL-2025-48285.json b/osv/malicious/npm/mp3-web-lib/MAL-2025-48285.json index ce103bfa1f..23f1518ba8 100644 --- a/osv/malicious/npm/mp3-web-lib/MAL-2025-48285.json +++ b/osv/malicious/npm/mp3-web-lib/MAL-2025-48285.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/mshops-web-metrics-components/MAL-2025-48286.json b/osv/malicious/npm/mshops-web-metrics-components/MAL-2025-48286.json index 882a060a61..8d81a78665 100644 --- a/osv/malicious/npm/mshops-web-metrics-components/MAL-2025-48286.json +++ b/osv/malicious/npm/mshops-web-metrics-components/MAL-2025-48286.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/nf-iso-properties/MAL-2025-48294.json b/osv/malicious/npm/nf-iso-properties/MAL-2025-48294.json index 01bec5802f..7e02528cf5 100644 --- a/osv/malicious/npm/nf-iso-properties/MAL-2025-48294.json +++ b/osv/malicious/npm/nf-iso-properties/MAL-2025-48294.json 
@@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/nodelog-lite/MAL-2025-48318.json b/osv/malicious/npm/nodelog-lite/MAL-2025-48318.json index 233328c38f..2fc27c6470 100644 --- a/osv/malicious/npm/nodelog-lite/MAL-2025-48318.json +++ b/osv/malicious/npm/nodelog-lite/MAL-2025-48318.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/nodelogex/MAL-2025-48270.json b/osv/malicious/npm/nodelogex/MAL-2025-48270.json index c1a6607f1f..634e7fa01f 100644 --- a/osv/malicious/npm/nodelogex/MAL-2025-48270.json +++ b/osv/malicious/npm/nodelogex/MAL-2025-48270.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/nodemon-pkg/MAL-2025-48263.json b/osv/malicious/npm/nodemon-pkg/MAL-2025-48263.json index 8b39e1bfd5..8994049b58 100644 --- a/osv/malicious/npm/nodemon-pkg/MAL-2025-48263.json +++ b/osv/malicious/npm/nodemon-pkg/MAL-2025-48263.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/orbital-ledger/MAL-2025-48264.json b/osv/malicious/npm/orbital-ledger/MAL-2025-48264.json index 53fc62a081..49eb7d6fa6 100644 --- a/osv/malicious/npm/orbital-ledger/MAL-2025-48264.json 
+++ b/osv/malicious/npm/orbital-ledger/MAL-2025-48264.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json new file mode 100644 index 0000000000..2ee74ec73b --- /dev/null +++ b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-14T04:24:22Z", + "published": "2025-10-14T04:24:22Z", + "schema_version": "1.5.0", + "summary": "Malicious code in phlex-core-ui (npm)", + "details": "The package phlex-core-ui was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "phlex-core-ui" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/phoenix-experience/MAL-2025-48265.json b/osv/malicious/npm/phoenix-experience/MAL-2025-48265.json index dfe453c6e8..c362d55bbc 100644 --- a/osv/malicious/npm/phoenix-experience/MAL-2025-48265.json +++ b/osv/malicious/npm/phoenix-experience/MAL-2025-48265.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/pino-node/MAL-2025-48295.json b/osv/malicious/npm/pino-node/MAL-2025-48295.json index 0e113286f7..df05e93b3a 100644 --- a/osv/malicious/npm/pino-node/MAL-2025-48295.json +++ b/osv/malicious/npm/pino-node/MAL-2025-48295.json 
@@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/pretty-format-setting/MAL-2025-48319.json b/osv/malicious/npm/pretty-format-setting/MAL-2025-48319.json index 1b79d7e77b..f420e894cf 100644 --- a/osv/malicious/npm/pretty-format-setting/MAL-2025-48319.json +++ b/osv/malicious/npm/pretty-format-setting/MAL-2025-48319.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json b/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json index b271e5d53e..d3b08ea2f7 100644 --- a/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json +++ b/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:46:47.627Z", - "published": "2025-10-14T03:46:47.627Z", + "modified": "2025-10-14T03:46:47Z", + "published": "2025-10-14T03:46:47Z", "schema_version": "1.5.0", - "summary": "Malicious code in private-callout-queue package (npm)", + "id": "", + "summary": "Malicious code in private-callout-queue (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json b/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json index d738bb7a4b..2d240c930c 100644 
--- a/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json +++ b/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:46:54.674Z", - "published": "2025-10-14T03:46:54.674Z", + "modified": "2025-10-14T03:46:54Z", + "published": "2025-10-14T03:46:54Z", "schema_version": "1.5.0", - "summary": "Malicious code in private-callouts package (npm)", + "id": "", + "summary": "Malicious code in private-callouts (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/project-serum/MAL-2025-48340.json b/osv/malicious/npm/project-serum/MAL-2025-48340.json index 3720793322..bb140fd12b 100644 --- a/osv/malicious/npm/project-serum/MAL-2025-48340.json +++ b/osv/malicious/npm/project-serum/MAL-2025-48340.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/qrcode-pretty-react/MAL-2025-48302.json b/osv/malicious/npm/qrcode-pretty-react/MAL-2025-48302.json index 45414b3fb2..22042a7ebe 100644 --- a/osv/malicious/npm/qrcode-pretty-react/MAL-2025-48302.json +++ b/osv/malicious/npm/qrcode-pretty-react/MAL-2025-48302.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/react-copack/MAL-2025-48266.json b/osv/malicious/npm/react-copack/MAL-2025-48266.json index 0ecb2a8c6e..ef7d4ab76c 100644 --- a/osv/malicious/npm/react-copack/MAL-2025-48266.json 
+++ b/osv/malicious/npm/react-copack/MAL-2025-48266.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/react-icons-loader/MAL-2025-48296.json b/osv/malicious/npm/react-icons-loader/MAL-2025-48296.json index 3d411e0d05..a5398832fa 100644 --- a/osv/malicious/npm/react-icons-loader/MAL-2025-48296.json +++ b/osv/malicious/npm/react-icons-loader/MAL-2025-48296.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/react-outcome-error-alert/MAL-2025-48267.json b/osv/malicious/npm/react-outcome-error-alert/MAL-2025-48267.json index 55db1484ad..f1e0192c50 100644 --- a/osv/malicious/npm/react-outcome-error-alert/MAL-2025-48267.json +++ b/osv/malicious/npm/react-outcome-error-alert/MAL-2025-48267.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/react-tediter/MAL-2025-48320.json b/osv/malicious/npm/react-tediter/MAL-2025-48320.json index ffe6a5217f..9e950e06a5 100644 --- a/osv/malicious/npm/react-tediter/MAL-2025-48320.json +++ b/osv/malicious/npm/react-tediter/MAL-2025-48320.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file 
diff --git a/osv/malicious/npm/react-toast-ui/MAL-2025-48303.json b/osv/malicious/npm/react-toast-ui/MAL-2025-48303.json index 7a3da3cfb9..b72ab5e143 100644 --- a/osv/malicious/npm/react-toast-ui/MAL-2025-48303.json +++ b/osv/malicious/npm/react-toast-ui/MAL-2025-48303.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/react-ui-toast/MAL-2025-48321.json b/osv/malicious/npm/react-ui-toast/MAL-2025-48321.json index d039fd2e23..719073b505 100644 --- a/osv/malicious/npm/react-ui-toast/MAL-2025-48321.json +++ b/osv/malicious/npm/react-ui-toast/MAL-2025-48321.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/sb_wm_integrator/MAL-0000-sbwmintegrator.json b/osv/malicious/npm/sb_wm_integrator/MAL-0000-sbwmintegrator.json index e4582df237..fc359dcf34 100644 --- a/osv/malicious/npm/sb_wm_integrator/MAL-0000-sbwmintegrator.json +++ b/osv/malicious/npm/sb_wm_integrator/MAL-0000-sbwmintegrator.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T03:34:53.060Z", - "published": "2025-10-14T03:34:53.060Z", + "modified": "2025-10-14T03:34:53Z", + "published": "2025-10-14T03:34:53Z", "schema_version": "1.5.0", - "summary": "Malicious code in sb_wm_integrator package (npm)", + "id": "", + "summary": "Malicious code in sb_wm_integrator (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} 
diff --git a/osv/malicious/npm/scr-cloud-project/MAL-2025-48341.json b/osv/malicious/npm/scr-cloud-project/MAL-2025-48341.json index a5ade7a9d2..c5521c79aa 100644 --- a/osv/malicious/npm/scr-cloud-project/MAL-2025-48341.json +++ b/osv/malicious/npm/scr-cloud-project/MAL-2025-48341.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/scr-database/MAL-2025-48342.json b/osv/malicious/npm/scr-database/MAL-2025-48342.json index 64e960e7a9..524ea54c78 100644 --- a/osv/malicious/npm/scr-database/MAL-2025-48342.json +++ b/osv/malicious/npm/scr-database/MAL-2025-48342.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/scr-file-theme/MAL-2025-48343.json b/osv/malicious/npm/scr-file-theme/MAL-2025-48343.json index ec2656a263..27d9bcdc69 100644 --- a/osv/malicious/npm/scr-file-theme/MAL-2025-48343.json +++ b/osv/malicious/npm/scr-file-theme/MAL-2025-48343.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", @@ -62,4 +71,4 @@ } ] } -} +} \ No newline at end of file diff --git a/osv/malicious/npm/scr-notification-system/MAL-2025-48344.json b/osv/malicious/npm/scr-notification-system/MAL-2025-48344.json index 2cfc65a9fd..d0903429cf 100644 --- a/osv/malicious/npm/scr-notification-system/MAL-2025-48344.json +++ b/osv/malicious/npm/scr-notification-system/MAL-2025-48344.json 
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/scr-theme-production/MAL-2025-48345.json b/osv/malicious/npm/scr-theme-production/MAL-2025-48345.json
index 7e24343285..e7b13f1642 100644
--- a/osv/malicious/npm/scr-theme-production/MAL-2025-48345.json
+++ b/osv/malicious/npm/scr-theme-production/MAL-2025-48345.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/shakti-platform/MAL-2025-48297.json b/osv/malicious/npm/shakti-platform/MAL-2025-48297.json
index 3da87539e4..0512330d4b 100644
--- a/osv/malicious/npm/shakti-platform/MAL-2025-48297.json
+++ b/osv/malicious/npm/shakti-platform/MAL-2025-48297.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/simple-app-theme/MAL-2025-48347.json b/osv/malicious/npm/simple-app-theme/MAL-2025-48347.json
index 97e8dda3cd..391e8468da 100644
--- a/osv/malicious/npm/simple-app-theme/MAL-2025-48347.json
+++ b/osv/malicious/npm/simple-app-theme/MAL-2025-48347.json
@@ -45,6 +45,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
@@ -84,4 +91,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/simple-icon-maker/MAL-2025-48304.json b/osv/malicious/npm/simple-icon-maker/MAL-2025-48304.json
index 71d68336d0..2ac949b376 100644
--- a/osv/malicious/npm/simple-icon-maker/MAL-2025-48304.json
+++ b/osv/malicious/npm/simple-icon-maker/MAL-2025-48304.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/simple-scr-app/MAL-2025-48348.json b/osv/malicious/npm/simple-scr-app/MAL-2025-48348.json
index 4dbff1f674..04135b8898 100644
--- a/osv/malicious/npm/simple-scr-app/MAL-2025-48348.json
+++ b/osv/malicious/npm/simple-scr-app/MAL-2025-48348.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/sp-web-utils-lib/MAL-2025-48287.json b/osv/malicious/npm/sp-web-utils-lib/MAL-2025-48287.json
index f53cb6e606..3578a10a0d 100644
--- a/osv/malicious/npm/sp-web-utils-lib/MAL-2025-48287.json
+++ b/osv/malicious/npm/sp-web-utils-lib/MAL-2025-48287.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/spot-electron-sdk/MAL-0000-spot-electron-sdk.json b/osv/malicious/npm/spot-electron-sdk/MAL-0000-spot-electron-sdk.json
index f8d5b052b0..b51eed900b 100644
--- a/osv/malicious/npm/spot-electron-sdk/MAL-0000-spot-electron-sdk.json
+++ b/osv/malicious/npm/spot-electron-sdk/MAL-0000-spot-electron-sdk.json
@@ -1,8 +1,9 @@
 {
- "modified": "2025-10-14T03:20:12.628Z",
- "published": "2025-10-14T03:20:12.628Z",
+ "modified": "2025-10-14T03:20:12Z",
+ "published": "2025-10-14T03:20:12Z",
 "schema_version": "1.5.0",
- "summary": "Malicious code in spot-electron-sdk package (npm)",
+ "id": "",
+ "summary": "Malicious code in spot-electron-sdk (npm)",
 "details": "The package communicates with a domain associated with malicious activity.",
 "affected": [
 {
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/supplychain-firewall-benchmark-hello/MAL-2025-48401.json b/osv/malicious/npm/supplychain-firewall-benchmark-hello/MAL-2025-48401.json
index 1999a8163b..451b0dde4e 100644
--- a/osv/malicious/npm/supplychain-firewall-benchmark-hello/MAL-2025-48401.json
+++ b/osv/malicious/npm/supplychain-firewall-benchmark-hello/MAL-2025-48401.json
@@ -17,6 +17,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
@@ -39,4 +46,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/tailwind-style-components/MAL-2025-48305.json b/osv/malicious/npm/tailwind-style-components/MAL-2025-48305.json
index a90184a139..dab6f2363b 100644
--- a/osv/malicious/npm/tailwind-style-components/MAL-2025-48305.json
+++ b/osv/malicious/npm/tailwind-style-components/MAL-2025-48305.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/tailwindcss-animatexs/MAL-2025-48306.json b/osv/malicious/npm/tailwindcss-animatexs/MAL-2025-48306.json
index a749cbda8a..6e7c5156c4 100644
--- a/osv/malicious/npm/tailwindcss-animatexs/MAL-2025-48306.json
+++ b/osv/malicious/npm/tailwindcss-animatexs/MAL-2025-48306.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/tailwindcss-remotion/MAL-2025-48307.json b/osv/malicious/npm/tailwindcss-remotion/MAL-2025-48307.json
index 18b54a2f6c..0efc8d5740 100644
--- a/osv/malicious/npm/tailwindcss-remotion/MAL-2025-48307.json
+++ b/osv/malicious/npm/tailwindcss-remotion/MAL-2025-48307.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/token_security_check/MAL-2025-48238.json b/osv/malicious/npm/token_security_check/MAL-2025-48238.json
index 3708f311d0..dedafc00c8 100644
--- a/osv/malicious/npm/token_security_check/MAL-2025-48238.json
+++ b/osv/malicious/npm/token_security_check/MAL-2025-48238.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/tw-webkit-universal/MAL-2025-48288.json b/osv/malicious/npm/tw-webkit-universal/MAL-2025-48288.json
index b39790f229..ef3dd4f6f0 100644
--- a/osv/malicious/npm/tw-webkit-universal/MAL-2025-48288.json
+++ b/osv/malicious/npm/tw-webkit-universal/MAL-2025-48288.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json
new file mode 100644
index 0000000000..5aba4a73bd
--- /dev/null
+++ b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in ui-library_mercadolibre (npm)",
+ "details": "The package ui-library_mercadolibre was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "ui-library_mercadolibre"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/vite-babel-plugin-es6-promise/MAL-2025-48322.json b/osv/malicious/npm/vite-babel-plugin-es6-promise/MAL-2025-48322.json
index b0f7cd39e4..ab18c1b62e 100644
--- a/osv/malicious/npm/vite-babel-plugin-es6-promise/MAL-2025-48322.json
+++ b/osv/malicious/npm/vite-babel-plugin-es6-promise/MAL-2025-48322.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/vite-configs-viewer/MAL-2025-48268.json b/osv/malicious/npm/vite-configs-viewer/MAL-2025-48268.json
index b7235a6515..67317519df 100644
--- a/osv/malicious/npm/vite-configs-viewer/MAL-2025-48268.json
+++ b/osv/malicious/npm/vite-configs-viewer/MAL-2025-48268.json
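Review bot: The new MAL-0000-ui-library_mercadolibre.json record gives consumers nothing to verify or hunt with: `details` only says the package "was found to contain malicious code", there is no `references` array, and the single range `"introduced": "0"` marks every published version as affected. A responder who finds this package in a lockfile cannot tell from the record when the code runs, what it contacts, or which credentials to rotate. I would extend `details` with the observed behaviour and the indicators from the analysis (what triggers the code and which host or file it touches), and, if only specific releases were analysed, set `introduced` to the first of them. The web-palette-react and yugabyte_cloud files added later in this patch use the same template sentence.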
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/vite-next-loggers/MAL-2025-48269.json b/osv/malicious/npm/vite-next-loggers/MAL-2025-48269.json
index 6c125b026c..4852f2b031 100644
--- a/osv/malicious/npm/vite-next-loggers/MAL-2025-48269.json
+++ b/osv/malicious/npm/vite-next-loggers/MAL-2025-48269.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/vite-plugin-es6-babel/MAL-2025-48308.json b/osv/malicious/npm/vite-plugin-es6-babel/MAL-2025-48308.json
index 7bb01d6be5..ae26a2fd9b 100644
--- a/osv/malicious/npm/vite-plugin-es6-babel/MAL-2025-48308.json
+++ b/osv/malicious/npm/vite-plugin-es6-babel/MAL-2025-48308.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/vite-plugin-parse/MAL-2025-48309.json b/osv/malicious/npm/vite-plugin-parse/MAL-2025-48309.json
index da7697e560..3ab2d90e90 100644
--- a/osv/malicious/npm/vite-plugin-parse/MAL-2025-48309.json
+++ b/osv/malicious/npm/vite-plugin-parse/MAL-2025-48309.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/vite-plugin-vue-layout/MAL-2025-48310.json b/osv/malicious/npm/vite-plugin-vue-layout/MAL-2025-48310.json
index 99e411ecc4..d98207da60 100644
--- a/osv/malicious/npm/vite-plugin-vue-layout/MAL-2025-48310.json
+++ b/osv/malicious/npm/vite-plugin-vue-layout/MAL-2025-48310.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json
new file mode 100644
index 0000000000..5339d53717
--- /dev/null
+++ b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in web-palette-react (npm)",
+ "details": "The package web-palette-react was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "web-palette-react"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/web3-io-ethers/MAL-2025-48239.json b/osv/malicious/npm/web3-io-ethers/MAL-2025-48239.json
index 4cc8421732..56d350b512 100644
--- a/osv/malicious/npm/web3-io-ethers/MAL-2025-48239.json
+++ b/osv/malicious/npm/web3-io-ethers/MAL-2025-48239.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/web3j-io-ethers/MAL-2025-48240.json b/osv/malicious/npm/web3j-io-ethers/MAL-2025-48240.json
index acccf5ee47..cc5428ea44 100644
--- a/osv/malicious/npm/web3j-io-ethers/MAL-2025-48240.json
+++ b/osv/malicious/npm/web3j-io-ethers/MAL-2025-48240.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/webpack-css-branch-loader/MAL-2025-48311.json b/osv/malicious/npm/webpack-css-branch-loader/MAL-2025-48311.json
index 2d8fcae8bc..971b3a1526 100644
--- a/osv/malicious/npm/webpack-css-branch-loader/MAL-2025-48311.json
+++ b/osv/malicious/npm/webpack-css-branch-loader/MAL-2025-48311.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/webpack-load-css-branch/MAL-2025-48349.json b/osv/malicious/npm/webpack-load-css-branch/MAL-2025-48349.json
index abbc3e4527..03748dc20d 100644
--- a/osv/malicious/npm/webpack-load-css-branch/MAL-2025-48349.json
+++ b/osv/malicious/npm/webpack-load-css-branch/MAL-2025-48349.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
@@ -62,4 +71,4 @@
 }
 ]
 }
-}
+}
\ No newline at end of file
diff --git a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json
new file mode 100644
index 0000000000..f7eb8dc469
--- /dev/null
+++ b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T04:24:22Z",
+ "published": "2025-10-14T04:24:22Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in yugabyte_cloud (npm)",
+ "details": "The package yugabyte_cloud was found to contain malicious code.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "yugabyte_cloud"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From 38752a969d04e57c7cf0b87a95c3190eed752787 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Tue, 14 Oct 2025 10:24:09 -0500 Subject: [PATCH 16/42] Added reports
Signed-off-by: Chi Tran --- .../sdk/MAL-0000-custom-widget-sdk.json | 8 +++- .../core/MAL-0000-gala-analytics-core.json | 8 +++- ...L-0000-gtpn-eslint-config-progressive.json | 8 +++- .../MAL-0000-naviance-translation-client.json | 8 +++- .../commons/MAL-0000-sudt-faucet-commons.json | 8 +++- .../MAL-0000-taskrabbit-meadow-web.json | 8 +++- .../MAL-0000-undress-ai-best-undress-ai.json | 8 +++- ...000-upside-flex-common-typescript-lib.json | 8 +++- ...L-0000-wen-community-wen-new-standard.json | 8 +++- .../npm/akasearch/MAL-2025-48403.json | 9 +++++ osv/malicious/npm/akdump/MAL-2025-48404.json | 9 +++++ .../aptos-protos/MAL-0000-aptos-protos.json | 8 +++- .../npm/codegrid-js/MAL-0000-codegrid-js.json | 8 +++- .../MAL-0000-company-access-pending.json | 38 ------------------- .../MAL-2025-48405.json | 35 ++++++++++++----- .../company-logo/MAL-0000-company-logo.json | 38 ------------------- .../npm/company-logo/MAL-2025-48406.json | 35 ++++++++++++----- .../MAL-0000-company-overview.json | 38 ------------------- .../npm/company-overview/MAL-2025-48407.json | 35 ++++++++++++----- .../MAL-0000-company-request-access.json | 38 ------------------- .../MAL-2025-48408.json | 35 ++++++++++++----- .../npm/doppler-sdk/MAL-0000-doppler-sdk.json | 8 +++- .../MAL-0000-humansdotai-humans-client.json | 8 +++- .../MAL-2025-48409.json | 9 +++++ .../npm/kmf-cookiecatcher/MAL-2025-48410.json | 9 +++++ .../MAL-0000-metronome-utils.json | 8 +++- .../MAL-2025-48314.json | 2 +- .../phlex-core-ui/MAL-0000-phlex-core-ui.json | 8 +++- .../MAL-0000-private-callout-queue.json | 38 ------------------- .../private-callout-queue/MAL-2025-48411.json | 35 ++++++++++++----- .../MAL-0000-private-callouts.json | 38 ------------------- .../npm/private-callouts/MAL-2025-48412.json | 35 ++++++++++++----- .../MAL-0000-ui-library_mercadolibre.json | 8 +++- .../MAL-0000-web-palette-react.json | 8 +++- .../MAL-0000-yugabyte_cloud.json | 8 +++- 35 files changed, 301 insertions(+), 319 deletions(-) delete mode 
100644 osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json delete mode 100644 osv/malicious/npm/company-logo/MAL-0000-company-logo.json delete mode 100644 osv/malicious/npm/company-overview/MAL-0000-company-overview.json delete mode 100644 osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json delete mode 100644 osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json delete mode 100644 osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json
diff --git a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json
index 2eebc6826c..44f57803fe 100644
--- a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json
+++ b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in @custom-widget/sdk (npm)",
 "details": "The package @custom-widget/sdk was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json
index 4695b2650e..7b59aed21b 100644
--- a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json
+++ b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in @gala-analytics/core (npm)",
 "details": "The package @gala-analytics/core was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json
index 582c8b542d..abde978dc6 100644
--- a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json
+++ b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in @gtpn/eslint-config-progressive (npm)",
 "details": "The package @gtpn/eslint-config-progressive was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json
index 1174838c2f..58404f199e 100644
--- a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json
+++ b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in @naviance/translation-client (npm)",
 "details": "The package @naviance/translation-client was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json
index 1dd38e74c4..fa4e60ef15 100644
--- a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json
+++ b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in @sudt-faucet/commons (npm)",
 "details": "The package @sudt-faucet/commons was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json
index bbea411bc7..0c6400acf2 100644
--- a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json
+++ b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in @taskrabbit/meadow-web (npm)",
 "details": "The package @taskrabbit/meadow-web was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json
index cc3abcfe5b..396068373c 100644
--- a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json
+++ b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in @undress-ai/best-undress-ai (npm)",
 "details": "The package @undress-ai/best-undress-ai was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json
index b7a8a6cd6a..f20ae0c426 100644
--- a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json
+++ b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in @upside/flex-common-typescript-lib (npm)",
 "details": "The package @upside/flex-common-typescript-lib was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json
index 4469914f98..6b9b881742 100644
--- a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json
+++ b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in @wen-community/wen-new-standard (npm)",
 "details": "The package @wen-community/wen-new-standard was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/akasearch/MAL-2025-48403.json b/osv/malicious/npm/akasearch/MAL-2025-48403.json
index 12ce09a423..b15d7d09eb 100644
--- a/osv/malicious/npm/akasearch/MAL-2025-48403.json
+++ b/osv/malicious/npm/akasearch/MAL-2025-48403.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
diff --git a/osv/malicious/npm/akdump/MAL-2025-48404.json b/osv/malicious/npm/akdump/MAL-2025-48404.json
index 650c12c822..d973405a14 100644
--- a/osv/malicious/npm/akdump/MAL-2025-48404.json
+++ b/osv/malicious/npm/akdump/MAL-2025-48404.json
@@ -35,6 +35,15 @@
 }
 }
 ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
diff --git a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json
index f75089ad7e..421825a706 100644
--- a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json
+++ b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in aptos-protos (npm)",
 "details": "The package aptos-protos was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json
index aec6d5bd78..be02286826 100644
--- a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json
+++ b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json
@@ -2,6 +2,7 @@
 "modified": "2025-10-14T04:24:22Z",
 "published": "2025-10-14T04:24:22Z",
 "schema_version": "1.5.0",
+ "id": "",
 "summary": "Malicious code in codegrid-js (npm)",
 "details": "The package codegrid-js was found to contain malicious code.",
 "affected": [
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json b/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json
deleted file mode 100644
index e2c4a41b09..0000000000
--- a/osv/malicious/npm/company-access-pending/MAL-0000-company-access-pending.json
+++ /dev/null
@@ -1,38 +0,0 @@
-{
- "modified": "2025-10-14T03:47:34Z",
- "published": "2025-10-14T03:47:34Z",
- "schema_version": "1.5.0",
- "id": "",
- "summary": "Malicious code in company-access-pending (npm)",
- "details": "The package communicates with a domain associated with malicious activity.",
- "affected": [
- {
- "package": {
- "ecosystem": "npm",
- "name": "company-access-pending"
- },
- "ranges": [
- {
- "type": "SEMVER",
- "events": [
- {
- "introduced": "999.0.1"
- }
- ]
- }
- ]
- }
- ],
- "credits": [
- {
- "name": "Amazon Inspector",
- "type": "FINDER",
- "contact": [
- "actran@amazon.com"
- ]
- }
- ],
- "database_specific": {
- "malicious-packages-origins": null
- }
-}
diff --git a/osv/malicious/npm/company-access-pending/MAL-2025-48405.json b/osv/malicious/npm/company-access-pending/MAL-2025-48405.json
index bcf2e5c427..b7cce79db5 100644
--- a/osv/malicious/npm/company-access-pending/MAL-2025-48405.json
+++ b/osv/malicious/npm/company-access-pending/MAL-2025-48405.json
@@ -1,13 +1,13 @@
 {
- "modified": "2025-10-14T04:35:38Z",
- "published": "2025-10-14T04:35:33Z",
+ "modified": "2025-10-14T15:22:58Z",
+ "published": "2025-10-14T03:47:34Z",
 "schema_version": "1.5.0",
 "id": "MAL-2025-48405",
 "aliases": [
 "GHSA-jxwh-mg72-87m5"
 ],
 "summary": "Malicious code in company-access-pending (npm)",
- "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (ddfec3b870b7eafccef0a535e03adb6bf0728eaa79ca63e248fa07593eb20361)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n",
+ "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (ddfec3b870b7eafccef0a535e03adb6bf0728eaa79ca63e248fa07593eb20361)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n",
 "affected": [
 {
 "package": {
@@ -22,6 +22,14 @@ "introduced": "0" } ] + }, + { + "type": "SEMVER", + "events": [ + { + "introduced": "999.0.1" + } + ] } ], "database_specific": { @@ -41,24 +49,33 @@ "url": "https://github.com/advisories/GHSA-jxwh-mg72-87m5" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-jxwh-mg72-87m5", + "source": "ghsa-malware", + "sha256": "ddfec3b870b7eafccef0a535e03adb6bf0728eaa79ca63e248fa07593eb20361", "import_time": "2025-10-14T05:22:50.300413463Z", + "id": "GHSA-jxwh-mg72-87m5", "modified_time": "2025-10-14T04:35:38Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "ddfec3b870b7eafccef0a535e03adb6bf0728eaa79ca63e248fa07593eb20361", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/company-logo/MAL-0000-company-logo.json b/osv/malicious/npm/company-logo/MAL-0000-company-logo.json deleted file mode 100644 index ac8852370b..0000000000 --- a/osv/malicious/npm/company-logo/MAL-0000-company-logo.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "modified": "2025-10-14T03:47:47Z", - "published": "2025-10-14T03:47:47Z", - "schema_version": "1.5.0", - "id": "", - "summary": "Malicious code in company-logo (npm)", - "details": "The package communicates with a domain associated with malicious activity.", - "affected": [ - { - "package": { - "ecosystem": "npm", - "name": "company-logo" - }, - "ranges": [ - { - "type": "SEMVER", - "events": [ - { - "introduced": "999.0.1" - } - ] - } - ] - } - ], - "credits": [ - { - "name": "Amazon Inspector", - "type": "FINDER", - "contact": [ - "actran@amazon.com" - ] - } - ], - "database_specific": { - "malicious-packages-origins": null - } -} diff --git a/osv/malicious/npm/company-logo/MAL-2025-48406.json b/osv/malicious/npm/company-logo/MAL-2025-48406.json index 9fdeefc7be..c1917e2dc5 100644 
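Review bot: The second SEMVER range added by the `@@ -22,6 +22,14 @@` hunk of company-access-pending/MAL-2025-48405.json (`"introduced": "999.0.1"`) is already covered by the existing range starting at `"introduced": "0"`, so it does not change which versions match. Keeping both leaves a reader unsure whether only 999.0.1 and later were observed or every version is affected. Either drop the narrower range or record it together with the source that reported it, so the distinction is visible. The same addition is made in MAL-2025-48406, -48407, -48408, -48411 and -48412. The `affected` entry starts and ends outside the hunk.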
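Review bot: The `contact` entry in the `credits` block added by the `@@ -41,24 +49,33 @@` hunk of company-access-pending/MAL-2025-48405.json is a bare e-mail address, whereas the OSV schema describes each `credits[].contact[]` entry as a fully qualified URL. Tools that validate contacts or render them as links may reject or mis-handle `"actran@amazon.com"`; the schema-conformant form is `"mailto:actran@amazon.com"`. The same block is added to MAL-2025-48406 through -48412 in this patch, including the internal-greeter-utils and kmf-cookiecatcher records.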
--- a/osv/malicious/npm/company-logo/MAL-2025-48406.json +++ b/osv/malicious/npm/company-logo/MAL-2025-48406.json @@ -1,13 +1,13 @@ { - "modified": "2025-10-14T04:35:34Z", - "published": "2025-10-14T04:35:33Z", + "modified": "2025-10-14T15:22:58Z", + "published": "2025-10-14T03:47:47Z", "schema_version": "1.5.0", "id": "MAL-2025-48406", "aliases": [ "GHSA-rq4c-fr33-r4cw" ], "summary": "Malicious code in company-logo (npm)", - "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (3356f69fe3ebba321196add643af22e2daaff13de896d2ad82a6d79d9c381709)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", + "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (3356f69fe3ebba321196add643af22e2daaff13de896d2ad82a6d79d9c381709)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", "affected": [ { "package": { @@ -22,6 +22,14 @@ "introduced": "0" } ] + }, + { + "type": "SEMVER", + "events": [ + { + "introduced": "999.0.1" + } + ] } ], "database_specific": { 
@@ -41,24 +49,33 @@ "url": "https://github.com/advisories/GHSA-rq4c-fr33-r4cw" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-rq4c-fr33-r4cw", + "source": "ghsa-malware", + "sha256": "3356f69fe3ebba321196add643af22e2daaff13de896d2ad82a6d79d9c381709", "import_time": "2025-10-14T05:22:50.302209226Z", + "id": "GHSA-rq4c-fr33-r4cw", "modified_time": "2025-10-14T04:35:34Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "3356f69fe3ebba321196add643af22e2daaff13de896d2ad82a6d79d9c381709", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/company-overview/MAL-0000-company-overview.json b/osv/malicious/npm/company-overview/MAL-0000-company-overview.json deleted file mode 100644 index 2e53a24775..0000000000 --- a/osv/malicious/npm/company-overview/MAL-0000-company-overview.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "modified": "2025-10-14T03:47:22Z", - "published": "2025-10-14T03:47:22Z", - "schema_version": "1.5.0", - "id": "", - "summary": "Malicious code in company-overview (npm)", - "details": "The package communicates with a domain associated with malicious activity.", - "affected": [ - { - "package": { - "ecosystem": "npm", - "name": "company-overview" - }, - "ranges": [ - { - "type": "SEMVER", - "events": [ - { - "introduced": "999.0.1" - } - ] - } - ] - } - ], - "credits": [ - { - "name": "Amazon Inspector", - "type": "FINDER", - "contact": [ - "actran@amazon.com" - ] - } - ], - "database_specific": { - "malicious-packages-origins": null - } -} diff --git a/osv/malicious/npm/company-overview/MAL-2025-48407.json b/osv/malicious/npm/company-overview/MAL-2025-48407.json index 41ecfe9670..34bbe22c53 100644 --- a/osv/malicious/npm/company-overview/MAL-2025-48407.json +++ b/osv/malicious/npm/company-overview/MAL-2025-48407.json 
@@ -1,13 +1,13 @@ { - "modified": "2025-10-14T04:35:34Z", - "published": "2025-10-14T04:35:33Z", + "modified": "2025-10-14T15:22:58Z", + "published": "2025-10-14T03:47:22Z", "schema_version": "1.5.0", "id": "MAL-2025-48407", "aliases": [ "GHSA-gw4h-fr4m-q4vf" ], "summary": "Malicious code in company-overview (npm)", - "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (d7bf8d3a72c075224c157c2cf2307e520204ee333e3107d1f1b1bc6992b21dd4)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", + "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (d7bf8d3a72c075224c157c2cf2307e520204ee333e3107d1f1b1bc6992b21dd4)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", "affected": [ { "package": { @@ -22,6 +22,14 @@ "introduced": "0" } ] + }, + { + "type": "SEMVER", + "events": [ + { + "introduced": "999.0.1" + } + ] } ], "database_specific": { 
@@ -41,24 +49,33 @@ "url": "https://github.com/advisories/GHSA-gw4h-fr4m-q4vf" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-gw4h-fr4m-q4vf", + "source": "ghsa-malware", + "sha256": "d7bf8d3a72c075224c157c2cf2307e520204ee333e3107d1f1b1bc6992b21dd4", "import_time": "2025-10-14T05:22:50.298061352Z", + "id": "GHSA-gw4h-fr4m-q4vf", "modified_time": "2025-10-14T04:35:34Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "d7bf8d3a72c075224c157c2cf2307e520204ee333e3107d1f1b1bc6992b21dd4", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json b/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json deleted file mode 100644 index 60987eb2c3..0000000000 --- a/osv/malicious/npm/company-request-access/MAL-0000-company-request-access.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "modified": "2025-10-14T03:47:06Z", - "published": "2025-10-14T03:47:06Z", - "schema_version": "1.5.0", - "id": "", - "summary": "Malicious code in company-request-access (npm)", - "details": "The package communicates with a domain associated with malicious activity.", - "affected": [ - { - "package": { - "ecosystem": "npm", - "name": "company-request-access" - }, - "ranges": [ - { - "type": "SEMVER", - "events": [ - { - "introduced": "999.0.1" - } - ] - } - ] - } - ], - "credits": [ - { - "name": "Amazon Inspector", - "type": "FINDER", - "contact": [ - "actran@amazon.com" - ] - } - ], - "database_specific": { - "malicious-packages-origins": null - } -} diff --git a/osv/malicious/npm/company-request-access/MAL-2025-48408.json b/osv/malicious/npm/company-request-access/MAL-2025-48408.json index 98d9651b85..9083bad0c5 100644 --- a/osv/malicious/npm/company-request-access/MAL-2025-48408.json 
+++ b/osv/malicious/npm/company-request-access/MAL-2025-48408.json @@ -1,13 +1,13 @@ { - "modified": "2025-10-14T04:35:38Z", - "published": "2025-10-14T04:35:33Z", + "modified": "2025-10-14T15:22:58Z", + "published": "2025-10-14T03:47:06Z", "schema_version": "1.5.0", "id": "MAL-2025-48408", "aliases": [ "GHSA-88x3-8842-5cmj" ], "summary": "Malicious code in company-request-access (npm)", - "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (e49052755a86ef81d8b6c55e055db2639127cd68573b30d2725ed12e8e0d61ea)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", + "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (e49052755a86ef81d8b6c55e055db2639127cd68573b30d2725ed12e8e0d61ea)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", "affected": [ { "package": { @@ -22,6 +22,14 @@ "introduced": "0" } ] + }, + { + "type": "SEMVER", + "events": [ + { + "introduced": "999.0.1" + } + ] } ], "database_specific": { 
@@ -41,24 +49,33 @@ "url": "https://github.com/advisories/GHSA-88x3-8842-5cmj" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-88x3-8842-5cmj", + "source": "ghsa-malware", + "sha256": "e49052755a86ef81d8b6c55e055db2639127cd68573b30d2725ed12e8e0d61ea", "import_time": "2025-10-14T05:22:50.296663232Z", + "id": "GHSA-88x3-8842-5cmj", "modified_time": "2025-10-14T04:35:38Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "e49052755a86ef81d8b6c55e055db2639127cd68573b30d2725ed12e8e0d61ea", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json index baa80904f8..a13bd11162 100644 --- a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json +++ b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T04:24:22Z", "published": "2025-10-14T04:24:22Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in doppler-sdk (npm)", "details": "The package doppler-sdk was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json index 5b707d95bc..ea39b522fe 100644 --- a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json +++ b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json 
@@ -2,6 +2,7 @@ "modified": "2025-10-14T04:24:22Z", "published": "2025-10-14T04:24:22Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in humansdotai-humans-client (npm)", "details": "The package humansdotai-humans-client was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/internal-greeter-utils/MAL-2025-48409.json b/osv/malicious/npm/internal-greeter-utils/MAL-2025-48409.json index 378857671e..b03990f0e8 100644 --- a/osv/malicious/npm/internal-greeter-utils/MAL-2025-48409.json +++ b/osv/malicious/npm/internal-greeter-utils/MAL-2025-48409.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/kmf-cookiecatcher/MAL-2025-48410.json b/osv/malicious/npm/kmf-cookiecatcher/MAL-2025-48410.json index 33592fdfeb..a3cf6ce070 100644 --- a/osv/malicious/npm/kmf-cookiecatcher/MAL-2025-48410.json +++ b/osv/malicious/npm/kmf-cookiecatcher/MAL-2025-48410.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json index 426f3b4609..016755de82 100644 --- a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json +++ b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T04:24:22Z", "published": "2025-10-14T04:24:22Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in metronome-utils (npm)", "details": "The package metronome-utils was found to contain malicious code.", "affected": [ 
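Review bot: The internal-greeter-utils/MAL-2025-48409.json section consists of the single `@@ -35,6 +35,15 @@` hunk, so the record gains a `credits` block without its `modified` timestamp being updated. The kmf-cookiecatcher/MAL-2025-48410.json section has the same shape. Consumers that sync advisories incrementally by `modified` will not pick up the change, whereas the other merged records in this patch do bump the field (to `2025-10-14T15:22:58Z` or `2025-10-14T15:23:03Z`). Set `modified` to the time of this edit in both files. The record's top-level object starts and ends outside the hunk.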
@@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/my-unique-package-here/MAL-2025-48314.json b/osv/malicious/npm/my-unique-package-here/MAL-2025-48314.json index 60e0ecfb61..b2405c897f 100644 --- a/osv/malicious/npm/my-unique-package-here/MAL-2025-48314.json +++ b/osv/malicious/npm/my-unique-package-here/MAL-2025-48314.json @@ -29,7 +29,7 @@ "1.0.9", "1.0.12", "1.0.14", - "1.0.11" + "1.0.11", "1.0.8" ], "database_specific": { diff --git a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json index 2ee74ec73b..9279636ac7 100644 --- a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json +++ b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T04:24:22Z", "published": "2025-10-14T04:24:22Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in phlex-core-ui (npm)", "details": "The package phlex-core-ui was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json b/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json deleted file mode 100644 index d3b08ea2f7..0000000000 --- a/osv/malicious/npm/private-callout-queue/MAL-0000-private-callout-queue.json +++ /dev/null 
@@ -1,38 +0,0 @@ -{ - "modified": "2025-10-14T03:46:47Z", - "published": "2025-10-14T03:46:47Z", - "schema_version": "1.5.0", - "id": "", - "summary": "Malicious code in private-callout-queue (npm)", - "details": "The package communicates with a domain associated with malicious activity.", - "affected": [ - { - "package": { - "ecosystem": "npm", - "name": "private-callout-queue" - }, - "ranges": [ - { - "type": "SEMVER", - "events": [ - { - "introduced": "999.0.1" - } - ] - } - ] - } - ], - "credits": [ - { - "name": "Amazon Inspector", - "type": "FINDER", - "contact": [ - "actran@amazon.com" - ] - } - ], - "database_specific": { - "malicious-packages-origins": null - } -} diff --git a/osv/malicious/npm/private-callout-queue/MAL-2025-48411.json b/osv/malicious/npm/private-callout-queue/MAL-2025-48411.json index a1a9af1b4e..b61f04223b 100644 --- a/osv/malicious/npm/private-callout-queue/MAL-2025-48411.json +++ b/osv/malicious/npm/private-callout-queue/MAL-2025-48411.json 
@@ -1,13 +1,13 @@ { - "modified": "2025-10-14T04:35:33Z", - "published": "2025-10-14T04:35:33Z", + "modified": "2025-10-14T15:23:03Z", + "published": "2025-10-14T03:46:47Z", "schema_version": "1.5.0", "id": "MAL-2025-48411", "aliases": [ "GHSA-2q2p-9gx8-v6m7" ], "summary": "Malicious code in private-callout-queue (npm)", - "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (7962ea070e8c6d0dc03b62736d3b83c52ac2367d2f5949252c86fa295aac63b2)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", + "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (7962ea070e8c6d0dc03b62736d3b83c52ac2367d2f5949252c86fa295aac63b2)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", "affected": [ { "package": { @@ -22,6 +22,14 @@ "introduced": "0" } ] + }, + { + "type": "SEMVER", + "events": [ + { + "introduced": "999.0.1" + } + ] } ], "database_specific": { 
@@ -41,24 +49,33 @@ "url": "https://github.com/advisories/GHSA-2q2p-9gx8-v6m7" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-2q2p-9gx8-v6m7", + "source": "ghsa-malware", + "sha256": "7962ea070e8c6d0dc03b62736d3b83c52ac2367d2f5949252c86fa295aac63b2", "import_time": "2025-10-14T05:22:50.287739374Z", + "id": "GHSA-2q2p-9gx8-v6m7", "modified_time": "2025-10-14T04:35:33Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "7962ea070e8c6d0dc03b62736d3b83c52ac2367d2f5949252c86fa295aac63b2", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json b/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json deleted file mode 100644 index 2d240c930c..0000000000 --- a/osv/malicious/npm/private-callouts/MAL-0000-private-callouts.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "modified": "2025-10-14T03:46:54Z", - "published": "2025-10-14T03:46:54Z", - "schema_version": "1.5.0", - "id": "", - "summary": "Malicious code in private-callouts (npm)", - "details": "The package communicates with a domain associated with malicious activity.", - "affected": [ - { - "package": { - "ecosystem": "npm", - "name": "private-callouts" - }, - "ranges": [ - { - "type": "SEMVER", - "events": [ - { - "introduced": "999.0.1" - } - ] - } - ] - } - ], - "credits": [ - { - "name": "Amazon Inspector", - "type": "FINDER", - "contact": [ - "actran@amazon.com" - ] - } - ], - "database_specific": { - "malicious-packages-origins": null - } -} diff --git a/osv/malicious/npm/private-callouts/MAL-2025-48412.json b/osv/malicious/npm/private-callouts/MAL-2025-48412.json index 7efe650424..00bd49d669 100644 --- a/osv/malicious/npm/private-callouts/MAL-2025-48412.json +++ b/osv/malicious/npm/private-callouts/MAL-2025-48412.json 
@@ -1,13 +1,13 @@ { - "modified": "2025-10-14T04:35:33Z", - "published": "2025-10-14T04:35:33Z", + "modified": "2025-10-14T15:23:03Z", + "published": "2025-10-14T03:46:54Z", "schema_version": "1.5.0", "id": "MAL-2025-48412", "aliases": [ "GHSA-64x5-3pc3-fwg8" ], "summary": "Malicious code in private-callouts (npm)", - "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (2a2946aeff32829327711ed5cbdd0127273806a52a23e9be1f96113c04562bc6)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", + "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (2a2946aeff32829327711ed5cbdd0127273806a52a23e9be1f96113c04562bc6)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", "affected": [ { "package": { @@ -22,6 +22,14 @@ "introduced": "0" } ] + }, + { + "type": "SEMVER", + "events": [ + { + "introduced": "999.0.1" + } + ] } ], "database_specific": { 
@@ -41,24 +49,33 @@ "url": "https://github.com/advisories/GHSA-64x5-3pc3-fwg8" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-64x5-3pc3-fwg8", + "source": "ghsa-malware", + "sha256": "2a2946aeff32829327711ed5cbdd0127273806a52a23e9be1f96113c04562bc6", "import_time": "2025-10-14T05:22:50.292347013Z", + "id": "GHSA-64x5-3pc3-fwg8", "modified_time": "2025-10-14T04:35:33Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "2a2946aeff32829327711ed5cbdd0127273806a52a23e9be1f96113c04562bc6", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json index 5aba4a73bd..d041cd9c4e 100644 --- a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json +++ b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T04:24:22Z", "published": "2025-10-14T04:24:22Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in ui-library_mercadolibre (npm)", "details": "The package ui-library_mercadolibre was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json index 5339d53717..2a6a82c7e0 100644 --- a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json +++ b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json 
@@ -2,6 +2,7 @@ "modified": "2025-10-14T04:24:22Z", "published": "2025-10-14T04:24:22Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in web-palette-react (npm)", "details": "The package web-palette-react was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json index f7eb8dc469..ee0042b306 100644 --- a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json +++ b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T04:24:22Z", "published": "2025-10-14T04:24:22Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in yugabyte_cloud (npm)", "details": "The package yugabyte_cloud was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} From cde526e249f860cbcd8a2acfdcc9decefadbc502 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Tue, 14 Oct 2025 11:19:16 -0500 Subject: [PATCH 17/42] Added reports 
Signed-off-by: Chi Tran --- .../sdk/MAL-0000-custom-widget-sdk.json | 12 +++---- .../core/MAL-0000-gala-analytics-core.json | 12 +++---- ...L-0000-gtpn-eslint-config-progressive.json | 12 +++---- .../MAL-0000-naviance-translation-client.json | 12 +++---- .../commons/MAL-0000-sudt-faucet-commons.json | 12 +++---- .../MAL-0000-taskrabbit-meadow-web.json | 12 +++---- .../MAL-0000-undress-ai-best-undress-ai.json | 12 +++---- ...000-upside-flex-common-typescript-lib.json | 12 +++---- .../MAL-0000-vscode-bicep-ui-components.json | 34 +++++++++++++++++++ ...L-0000-wen-community-wen-new-standard.json | 12 +++---- .../aptos-protos/MAL-0000-aptos-protos.json | 12 +++---- .../npm/codegrid-js/MAL-0000-codegrid-js.json | 12 +++---- .../npm/didirce/MAL-0000-didirce.json | 34 +++++++++++++++++++ .../npm/doppler-sdk/MAL-0000-doppler-sdk.json | 12 +++---- .../MAL-0000-humansdotai-humans-client.json | 12 +++---- .../MAL-0000-metronome-utils.json | 12 +++---- .../phlex-core-ui/MAL-0000-phlex-core-ui.json | 12 +++---- .../MAL-0000-ui-library_mercadolibre.json | 12 +++---- .../MAL-0000-web-palette-react.json | 12 +++---- .../MAL-0000-yugabyte_cloud.json | 12 +++---- 20 files changed, 140 insertions(+), 144 deletions(-) create mode 100644 osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json create mode 100644 osv/malicious/npm/didirce/MAL-0000-didirce.json diff --git a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json index 44f57803fe..0c2d37b84f 100644 --- a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json +++ b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @custom-widget/sdk (npm)", "details": "The package @custom-widget/sdk was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json index 7b59aed21b..d4684354ea 100644 --- a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json +++ b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @gala-analytics/core (npm)", "details": "The package @gala-analytics/core was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json index abde978dc6..6879d7c569 100644 --- a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json +++ b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json 
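Review bot: The `@@ -1,8 +1,7 @@` hunk of @custom-widget/sdk/MAL-0000-custom-widget-sdk.json rewrites `published` from `2025-10-14T04:24:22Z` to `2025-10-14T16:18:33Z` on a record that already existed. `published` is expected to stay at the first publication time, with only `modified` moving, so anyone using it to judge how long a package has been flagged gets a later date than the real one. Keep `"published": "2025-10-14T04:24:22Z"` and change only `modified`. The same rewrite recurs in the other modified MAL-0000 records of this patch (@gala-analytics/core, @gtpn/eslint-config-progressive, @naviance/translation-client, @sudt-faucet/commons, @taskrabbit/meadow-web, @undress-ai/best-undress-ai and @upside/flex-common-typescript-lib are visible here). Each file's second hunk also drops the `database_specific` block and the trailing newline, which suggests the files were regenerated rather than edited in place.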
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @gtpn/eslint-config-progressive (npm)", "details": "The package @gtpn/eslint-config-progressive was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json index 58404f199e..02ca3ed9e7 100644 --- a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json +++ b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @naviance/translation-client (npm)", "details": "The package @naviance/translation-client was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json index fa4e60ef15..e7199415b9 100644 --- a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json +++ b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @sudt-faucet/commons (npm)", "details": "The package @sudt-faucet/commons was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json index 0c6400acf2..940b5b5e22 100644 --- a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json +++ b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @taskrabbit/meadow-web (npm)", "details": "The package @taskrabbit/meadow-web was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json index 396068373c..ac7a1a48fe 100644 --- a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json +++ b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @undress-ai/best-undress-ai (npm)", "details": "The package @undress-ai/best-undress-ai was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json index f20ae0c426..f03ec38912 100644 --- a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json +++ b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @upside/flex-common-typescript-lib (npm)", "details": "The package @upside/flex-common-typescript-lib was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json new file mode 100644 index 0000000000..482cf529d0 --- /dev/null +++ b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", + "schema_version": "1.5.0", + "summary": "Malicious code in @vscode-bicep-ui/components (npm)", + "details": "The package @vscode-bicep-ui/components was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "@vscode-bicep-ui/components" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json index 6b9b881742..a02ad3997a 100644 --- a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json +++ b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @wen-community/wen-new-standard (npm)", "details": "The package @wen-community/wen-new-standard was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json index 421825a706..46cefbfdfc 100644 --- a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json +++ b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json 
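Review bot: The `contact` value added in the new @vscode-bicep-ui/components record is a bare e-mail address, whereas the OSV schema describes each `credits[].contact[]` entry as a fully qualified URL. Writing it as `"mailto:actran@amazon.com"` keeps the same address and lets tooling that renders contacts as links handle it. The same value is added in the other new records of this series (didirce, tombac, arno-baidu-test, package-g, batchw-test-common-config) and in the `credits` blocks added to the MAL-2025-* files.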
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in aptos-protos (npm)", "details": "The package aptos-protos was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json index be02286826..c351dcfe54 100644 --- a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json +++ b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in codegrid-js (npm)", "details": "The package codegrid-js was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/didirce/MAL-0000-didirce.json b/osv/malicious/npm/didirce/MAL-0000-didirce.json new file mode 100644 index 0000000000..63093c9d13 --- /dev/null +++ b/osv/malicious/npm/didirce/MAL-0000-didirce.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", + "schema_version": "1.5.0", + "summary": "Malicious code in didirce (npm)", + "details": "The package didirce was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "didirce" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json index a13bd11162..77ed1e5708 100644 --- a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json +++ b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in doppler-sdk (npm)", "details": "The package doppler-sdk was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json index ea39b522fe..144af34adb 100644 --- a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json +++ b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in humansdotai-humans-client (npm)", "details": "The package humansdotai-humans-client was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json index 016755de82..4e365872a8 100644 --- a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json +++ b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in metronome-utils (npm)", "details": "The package metronome-utils was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json index 9279636ac7..4b03f1836f 100644 --- a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json +++ b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in phlex-core-ui (npm)", "details": "The package phlex-core-ui was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json index d041cd9c4e..fa7a928f08 100644 --- a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json +++ b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in ui-library_mercadolibre (npm)", "details": "The package ui-library_mercadolibre was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json index 2a6a82c7e0..c4c95a85c1 100644 --- a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json +++ b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in web-palette-react (npm)", "details": "The package web-palette-react was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json index ee0042b306..5fd3db86ba 100644 --- a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json +++ b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T04:24:22Z", - "published": "2025-10-14T04:24:22Z", + "modified": "2025-10-14T16:18:33Z", + "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in yugabyte_cloud (npm)", "details": "The package yugabyte_cloud was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file From 95f167e6a302d4970897ba104186c963e18e7f82 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Tue, 14 Oct 2025 11:24:44 -0500 Subject: [PATCH 18/42] Add malicious package entry: tombac Signed-off-by: Chi Tran --- osv/malicious/npm/tombac/MAL-0000-tombac.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/tombac/MAL-0000-tombac.json diff --git a/osv/malicious/npm/tombac/MAL-0000-tombac.json b/osv/malicious/npm/tombac/MAL-0000-tombac.json new file mode 100644 index 0000000000..c2b9e0753b --- /dev/null +++ b/osv/malicious/npm/tombac/MAL-0000-tombac.json 
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T16:24:43.886Z",
+ "published": "2025-10-14T16:24:43.886Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in tombac package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "tombac"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.0.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From 0bd6d35910617678fc4012744922babb9854b4f5 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Tue, 14 Oct 2025 11:25:10 -0500
Subject: [PATCH 19/42] Add malicious package entry: arno-baidu-test
Signed-off-by: Chi Tran
---
 .../MAL-0000-arno-baidu-test.json | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 osv/malicious/npm/arno-baidu-test/MAL-0000-arno-baidu-test.json
diff --git a/osv/malicious/npm/arno-baidu-test/MAL-0000-arno-baidu-test.json b/osv/malicious/npm/arno-baidu-test/MAL-0000-arno-baidu-test.json
new file mode 100644
index 0000000000..687690bc95
--- /dev/null
+++ b/osv/malicious/npm/arno-baidu-test/MAL-0000-arno-baidu-test.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T16:25:10.207Z",
+ "published": "2025-10-14T16:25:10.207Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in arno-baidu-test package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "arno-baidu-test"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.0.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From cd564243bcb1a555a5afdadc61f9d304f82c5495 Mon Sep 17 00:00:00 2001
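Review bot: The range in the new tombac record starts at `"introduced": "1.0.0"` and has no `fixed` or `last_affected` event, so under SEMVER matching every release from 1.0.0 onward is flagged and anything below 1.0.0 is not. If the whole package is considered malicious, `"introduced": "0"` (as the didirce and @vscode-bicep-ui/components records use) states that directly; if only particular releases were analysed, listing them in a `versions` array avoids flagging releases nobody looked at. The same open-ended range appears in arno-baidu-test (1.0.0) and in package-g and batchw-test-common-config (both 1.1.0).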
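Review bot: `details` in the new arno-baidu-test record names neither the domain nor the code that contacts it, which leaves a responder nothing to search proxy logs or egress rules for. I would put the indicator in the text, e.g. `"details": "The package communicates with <OBSERVED_DOMAIN>, a domain associated with malicious activity."` with the placeholder filled from the finder's analysis, or add a `references` entry pointing at that analysis. The tombac, package-g and batchw-test-common-config records carry the identical sentence.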
From: Chi Tran
Date: Tue, 14 Oct 2025 12:04:16 -0500
Subject: [PATCH 20/42] Add malicious package entry: package-g
Signed-off-by: Chi Tran
---
 .../npm/package-g/MAL-0000-package-g.json | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 osv/malicious/npm/package-g/MAL-0000-package-g.json
diff --git a/osv/malicious/npm/package-g/MAL-0000-package-g.json b/osv/malicious/npm/package-g/MAL-0000-package-g.json
new file mode 100644
index 0000000000..bedce36486
--- /dev/null
+++ b/osv/malicious/npm/package-g/MAL-0000-package-g.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T17:04:15.475Z",
+ "published": "2025-10-14T17:04:15.475Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in package-g package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "package-g"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.1.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From a980842436111decc0c58671b22067c0fe38da93 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Tue, 14 Oct 2025 16:06:54 -0500
Subject: [PATCH 21/42] Add malicious package entry: batchw-test-common-config
Signed-off-by: Chi Tran
---
 .../MAL-0000-batchw-test-common-config.json | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json
diff --git a/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json b/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json
new file mode 100644
index 0000000000..87e101ff64
--- /dev/null
+++ b/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-14T21:06:54.150Z",
+ "published": "2025-10-14T21:06:54.150Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in batchw-test-common-config package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "batchw-test-common-config"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.1.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From 13534404af790726511ece769b2a420e6c6e5a67 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Tue, 14 Oct 2025 17:16:46 -0500
Subject: [PATCH 22/42] Merged report
Signed-off-by: Chi Tran
---
 .../npm/aps-configurator-inventor/MAL-2025-48413.json | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/osv/malicious/npm/aps-configurator-inventor/MAL-2025-48413.json b/osv/malicious/npm/aps-configurator-inventor/MAL-2025-48413.json
index d5177721eb..2e4dce824e 100644
--- a/osv/malicious/npm/aps-configurator-inventor/MAL-2025-48413.json
+++ b/osv/malicious/npm/aps-configurator-inventor/MAL-2025-48413.json
@@ -17,6 +17,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
From a533abac1956a7f58024910751e4c1475ceaa64f Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Wed, 15 Oct 2025 09:56:50 -0500
Subject: [PATCH 23/42] Added reports
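Review bot: MAL-2025-48413.json gains a `credits` entry but its `modified` timestamp is left as it was; the diffstat for the file shows 7 insertions and no deletions. OSV consumers that sync incrementally rely on `modified` advancing whenever a record changes, so this edit can be missed downstream unless the repository's automation sets the field at ingestion. The hunk starts at line 17, so the timestamp line lies outside it; I would update `"modified"` to the merge time in the same commit. The later `@@ -35,6 +35,15 @@` hunks that add `credits` to MAL-2025-48414 and MAL-2025-48417 through MAL-2025-48421 have the same gap (9 insertions each in the diffstat).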
Signed-off-by: Chi Tran --- .../sdk/MAL-0000-custom-widget-sdk.json | 8 ++++++-- .../core/MAL-0000-gala-analytics-core.json | 8 ++++++-- .../MAL-0000-gtpn-eslint-config-progressive.json | 8 ++++++-- .../MAL-0000-naviance-translation-client.json | 8 ++++++-- .../commons/MAL-0000-sudt-faucet-commons.json | 8 ++++++-- .../meadow-web/MAL-0000-taskrabbit-meadow-web.json | 8 ++++++-- .../MAL-0000-undress-ai-best-undress-ai.json | 8 ++++++-- ...MAL-0000-upside-flex-common-typescript-lib.json | 8 ++++++-- .../MAL-0000-vscode-bicep-ui-components.json | 8 ++++++-- .../MAL-0000-wen-community-wen-new-standard.json | 8 ++++++-- .../npm/aptos-protos/MAL-0000-aptos-protos.json | 8 ++++++-- .../arno-baidu-test/MAL-0000-arno-baidu-test.json | 14 +++++++++----- .../MAL-0000-batchw-test-common-config.json | 14 +++++++++----- .../npm/codegrid-js/MAL-0000-codegrid-js.json | 8 ++++++-- .../npm/cryptocom-corp-tools/MAL-2025-48417.json | 9 +++++++++ .../cryptocom-internal-auth/MAL-2025-48418.json | 9 +++++++++ .../npm/cryptocom-private-api/MAL-2025-48419.json | 9 +++++++++ .../npm/csv-parsing-xyz/MAL-2025-48414.json | 9 +++++++++ .../MAL-2025-48420.json | 9 +++++++++ .../deficonnect-internal-utils/MAL-2025-48421.json | 9 +++++++++ .../deficonnect-private-sdk/MAL-2025-48422.json | 9 +++++++++ osv/malicious/npm/didirce/MAL-0000-didirce.json | 8 ++++++-- .../npm/doppler-sdk/MAL-0000-doppler-sdk.json | 8 ++++++-- .../MAL-0000-humansdotai-humans-client.json | 8 ++++++-- .../metronome-utils/MAL-0000-metronome-utils.json | 8 ++++++-- .../npm/package-g/MAL-0000-package-g.json | 14 +++++++++----- .../npm/phlex-core-ui/MAL-0000-phlex-core-ui.json | 8 ++++++-- osv/malicious/npm/scouthus921/MAL-2025-48415.json | 9 +++++++++ .../MAL-2025-48423.json | 9 +++++++++ .../MAL-2025-48424.json | 9 +++++++++ .../MAL-2025-48425.json | 9 +++++++++ osv/malicious/npm/tombac/MAL-0000-tombac.json | 14 +++++++++----- .../MAL-0000-ui-library_mercadolibre.json | 8 ++++++-- 
.../npm/vite-plugin-parseflow/MAL-2025-48426.json | 9 +++++++++ .../MAL-0000-web-palette-react.json | 8 ++++++-- osv/malicious/npm/yajusenpai/MAL-2025-48416.json | 9 +++++++++ .../yugabyte_cloud/MAL-0000-yugabyte_cloud.json | 8 ++++++-- 37 files changed, 273 insertions(+), 60 deletions(-) diff --git a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json index 0c2d37b84f..9187ec9878 100644 --- a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json +++ b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @custom-widget/sdk (npm)", "details": "The package @custom-widget/sdk was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json index d4684354ea..a89f82cf04 100644 --- a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json +++ b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @gala-analytics/core (npm)", "details": "The package @gala-analytics/core was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} 
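Review bot: `"id": ""` is added as an empty string in the `@@ -2,6 +2,7 @@` hunk of MAL-0000-custom-widget-sdk.json, which gives every MAL-0000 record touched by this patch the same empty identifier, although OSV treats `id` as the unique key of a record. If the empty value is a placeholder that the repository's tooling replaces when it assigns a MAL number, that is worth stating in the commit message; otherwise I would leave the field out until the id is known, as the previous revision of this file did. The same line is added in the first hunk of each MAL-0000 file that follows.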
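Review bot: `"malicious-packages-origins": null` in the `@@ -30,5 +31,8 @@` hunk puts a null where the key name suggests a list, so a consumer that iterates the origins has to special-case it. I would write `"malicious-packages-origins": []`, or leave `database_specific` out until there is an origin to record. The block was removed from these same files earlier in the series and is re-added here in every MAL-0000 file, which suggests serializer output; if so, the change belongs in the generator rather than in each record.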
diff --git a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json index 6879d7c569..556da6e9aa 100644 --- a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json +++ b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @gtpn/eslint-config-progressive (npm)", "details": "The package @gtpn/eslint-config-progressive was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json index 02ca3ed9e7..1d5471a385 100644 --- a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json +++ b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @naviance/translation-client (npm)", "details": "The package @naviance/translation-client was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json index e7199415b9..efd8409131 100644 
--- a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json +++ b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @sudt-faucet/commons (npm)", "details": "The package @sudt-faucet/commons was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json index 940b5b5e22..2115ab8260 100644 --- a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json +++ b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @taskrabbit/meadow-web (npm)", "details": "The package @taskrabbit/meadow-web was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json index ac7a1a48fe..f0a08be5fb 100644 --- a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json +++ b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json 
@@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @undress-ai/best-undress-ai (npm)", "details": "The package @undress-ai/best-undress-ai was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json index f03ec38912..c2c9940793 100644 --- a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json +++ b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @upside/flex-common-typescript-lib (npm)", "details": "The package @upside/flex-common-typescript-lib was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json index 482cf529d0..f0f98dfb4c 100644 --- a/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json +++ b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json 
@@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @vscode-bicep-ui/components (npm)", "details": "The package @vscode-bicep-ui/components was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json index a02ad3997a..f5367925dd 100644 --- a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json +++ b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @wen-community/wen-new-standard (npm)", "details": "The package @wen-community/wen-new-standard was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json index 46cefbfdfc..61438e988f 100644 --- a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json +++ b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in aptos-protos (npm)", "details": "The package aptos-protos was found to contain malicious code.", "affected": [ 
@@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/arno-baidu-test/MAL-0000-arno-baidu-test.json b/osv/malicious/npm/arno-baidu-test/MAL-0000-arno-baidu-test.json index 687690bc95..29c652eca0 100644 --- a/osv/malicious/npm/arno-baidu-test/MAL-0000-arno-baidu-test.json +++ b/osv/malicious/npm/arno-baidu-test/MAL-0000-arno-baidu-test.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T16:25:10.207Z", - "published": "2025-10-14T16:25:10.207Z", + "modified": "2025-10-14T16:25:10Z", + "published": "2025-10-14T16:25:10Z", "schema_version": "1.5.0", - "summary": "Malicious code in arno-baidu-test package (npm)", + "id": "", + "summary": "Malicious code in arno-baidu-test (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json b/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json index 87e101ff64..34e236f629 100644 --- a/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json +++ b/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-14T21:06:54.150Z", - "published": "2025-10-14T21:06:54.150Z", + "modified": "2025-10-14T21:06:54Z", + "published": "2025-10-14T21:06:54Z", "schema_version": "1.5.0", - "summary": "Malicious code in batchw-test-common-config package (npm)", + "id": "", + "summary": "Malicious code in batchw-test-common-config (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { 
@@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json index c351dcfe54..8f215438fc 100644 --- a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json +++ b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in codegrid-js (npm)", "details": "The package codegrid-js was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/cryptocom-corp-tools/MAL-2025-48417.json b/osv/malicious/npm/cryptocom-corp-tools/MAL-2025-48417.json index a82da78e7f..3f8d3c9c06 100644 --- a/osv/malicious/npm/cryptocom-corp-tools/MAL-2025-48417.json +++ b/osv/malicious/npm/cryptocom-corp-tools/MAL-2025-48417.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/cryptocom-internal-auth/MAL-2025-48418.json b/osv/malicious/npm/cryptocom-internal-auth/MAL-2025-48418.json index 631e4a2289..51a68739c3 100644 --- a/osv/malicious/npm/cryptocom-internal-auth/MAL-2025-48418.json +++ b/osv/malicious/npm/cryptocom-internal-auth/MAL-2025-48418.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", 
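Review bot: The `contact` value in the added `credits` block is a bare address, `"actran@amazon.com"`, while the OSV schema describes each contact entry as a fully qualified URL; `"mailto:actran@amazon.com"` is the form schema-aware consumers expect. Since these records go into a public feed, a monitored team alias may be a better long-term contact than an individual mailbox, if one exists. The same block is added to each of the `MAL-2025-*` records in this patch. The hunk sits in the middle of the record, between a closing array and the start of `references`, so the rest of the record is not visible here.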
diff --git a/osv/malicious/npm/cryptocom-private-api/MAL-2025-48419.json b/osv/malicious/npm/cryptocom-private-api/MAL-2025-48419.json index 079a51a1b7..f9baf6851b 100644 --- a/osv/malicious/npm/cryptocom-private-api/MAL-2025-48419.json +++ b/osv/malicious/npm/cryptocom-private-api/MAL-2025-48419.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/csv-parsing-xyz/MAL-2025-48414.json b/osv/malicious/npm/csv-parsing-xyz/MAL-2025-48414.json index 04f9a79797..7267889c79 100644 --- a/osv/malicious/npm/csv-parsing-xyz/MAL-2025-48414.json +++ b/osv/malicious/npm/csv-parsing-xyz/MAL-2025-48414.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/curve-ui-kit-security-notice/MAL-2025-48420.json b/osv/malicious/npm/curve-ui-kit-security-notice/MAL-2025-48420.json index 40850b4821..28b7e291b9 100644 --- a/osv/malicious/npm/curve-ui-kit-security-notice/MAL-2025-48420.json +++ b/osv/malicious/npm/curve-ui-kit-security-notice/MAL-2025-48420.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/deficonnect-internal-utils/MAL-2025-48421.json b/osv/malicious/npm/deficonnect-internal-utils/MAL-2025-48421.json index ee787518da..2165dd19b0 100644 --- a/osv/malicious/npm/deficonnect-internal-utils/MAL-2025-48421.json +++ b/osv/malicious/npm/deficonnect-internal-utils/MAL-2025-48421.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", 
diff --git a/osv/malicious/npm/deficonnect-private-sdk/MAL-2025-48422.json b/osv/malicious/npm/deficonnect-private-sdk/MAL-2025-48422.json index a50a62c371..d3f9aa2008 100644 --- a/osv/malicious/npm/deficonnect-private-sdk/MAL-2025-48422.json +++ b/osv/malicious/npm/deficonnect-private-sdk/MAL-2025-48422.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/didirce/MAL-0000-didirce.json b/osv/malicious/npm/didirce/MAL-0000-didirce.json index 63093c9d13..e68503c6fa 100644 --- a/osv/malicious/npm/didirce/MAL-0000-didirce.json +++ b/osv/malicious/npm/didirce/MAL-0000-didirce.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in didirce (npm)", "details": "The package didirce was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json index 77ed1e5708..27ca783397 100644 --- a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json +++ b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in doppler-sdk (npm)", "details": "The package doppler-sdk was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} 
diff --git a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json index 144af34adb..42578326b4 100644 --- a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json +++ b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in humansdotai-humans-client (npm)", "details": "The package humansdotai-humans-client was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json index 4e365872a8..e5991dc338 100644 --- a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json +++ b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in metronome-utils (npm)", "details": "The package metronome-utils was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/package-g/MAL-0000-package-g.json b/osv/malicious/npm/package-g/MAL-0000-package-g.json index bedce36486..0ff159b9db 100644 --- a/osv/malicious/npm/package-g/MAL-0000-package-g.json +++ b/osv/malicious/npm/package-g/MAL-0000-package-g.json 
@@ -1,8 +1,9 @@ { - "modified": "2025-10-14T17:04:15.475Z", - "published": "2025-10-14T17:04:15.475Z", + "modified": "2025-10-14T17:04:15Z", + "published": "2025-10-14T17:04:15Z", "schema_version": "1.5.0", - "summary": "Malicious code in package-g package (npm)", + "id": "", + "summary": "Malicious code in package-g (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json index 4b03f1836f..b38ed90ee2 100644 --- a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json +++ b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in phlex-core-ui (npm)", "details": "The package phlex-core-ui was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/scouthus921/MAL-2025-48415.json b/osv/malicious/npm/scouthus921/MAL-2025-48415.json index 111ded4bb3..d9ab26add9 100644 --- a/osv/malicious/npm/scouthus921/MAL-2025-48415.json +++ b/osv/malicious/npm/scouthus921/MAL-2025-48415.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/summerfi-eslint-config-security-notice/MAL-2025-48423.json b/osv/malicious/npm/summerfi-eslint-config-security-notice/MAL-2025-48423.json index bb013d6ad1..070a69e0aa 100644 
--- a/osv/malicious/npm/summerfi-eslint-config-security-notice/MAL-2025-48423.json +++ b/osv/malicious/npm/summerfi-eslint-config-security-notice/MAL-2025-48423.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/summerfi-typescript-config-security-notice/MAL-2025-48424.json b/osv/malicious/npm/summerfi-typescript-config-security-notice/MAL-2025-48424.json index 60b0583f15..d1a165bdb1 100644 --- a/osv/malicious/npm/summerfi-typescript-config-security-notice/MAL-2025-48424.json +++ b/osv/malicious/npm/summerfi-typescript-config-security-notice/MAL-2025-48424.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/synthetixio-deps-security-notice/MAL-2025-48425.json b/osv/malicious/npm/synthetixio-deps-security-notice/MAL-2025-48425.json index 4e646a4dfc..92b70a4b4c 100644 --- a/osv/malicious/npm/synthetixio-deps-security-notice/MAL-2025-48425.json +++ b/osv/malicious/npm/synthetixio-deps-security-notice/MAL-2025-48425.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/tombac/MAL-0000-tombac.json b/osv/malicious/npm/tombac/MAL-0000-tombac.json index c2b9e0753b..eba5482c31 100644 --- a/osv/malicious/npm/tombac/MAL-0000-tombac.json +++ b/osv/malicious/npm/tombac/MAL-0000-tombac.json 
@@ -1,8 +1,9 @@ { - "modified": "2025-10-14T16:24:43.886Z", - "published": "2025-10-14T16:24:43.886Z", + "modified": "2025-10-14T16:24:43Z", + "published": "2025-10-14T16:24:43Z", "schema_version": "1.5.0", - "summary": "Malicious code in tombac package (npm)", + "id": "", + "summary": "Malicious code in tombac (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json index fa7a928f08..705d8e6bec 100644 --- a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json +++ b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in ui-library_mercadolibre (npm)", "details": "The package ui-library_mercadolibre was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/vite-plugin-parseflow/MAL-2025-48426.json b/osv/malicious/npm/vite-plugin-parseflow/MAL-2025-48426.json index 9ec1520222..bc098d07cf 100644 --- a/osv/malicious/npm/vite-plugin-parseflow/MAL-2025-48426.json +++ b/osv/malicious/npm/vite-plugin-parseflow/MAL-2025-48426.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", 
diff --git a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json index c4c95a85c1..6a8fbcb0ee 100644 --- a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json +++ b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in web-palette-react (npm)", "details": "The package web-palette-react was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/yajusenpai/MAL-2025-48416.json b/osv/malicious/npm/yajusenpai/MAL-2025-48416.json index e919ca8ef3..22be532036 100644 --- a/osv/malicious/npm/yajusenpai/MAL-2025-48416.json +++ b/osv/malicious/npm/yajusenpai/MAL-2025-48416.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json index 5fd3db86ba..826d148371 100644 --- a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json +++ b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json @@ -2,6 +2,7 @@ "modified": "2025-10-14T16:18:33Z", "published": "2025-10-14T16:18:33Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in yugabyte_cloud (npm)", "details": "The package yugabyte_cloud was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} 
From f28758417220e45c056ee83adab3df6a823fb295 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Wed, 15 Oct 2025 10:02:37 -0500 Subject: [PATCH 24/42] Add malicious package entry: package-f Signed-off-by: Chi Tran --- .../npm/package-f/MAL-0000-package-f.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/package-f/MAL-0000-package-f.json diff --git a/osv/malicious/npm/package-f/MAL-0000-package-f.json b/osv/malicious/npm/package-f/MAL-0000-package-f.json new file mode 100644 index 0000000000..deae801f54 --- /dev/null +++ b/osv/malicious/npm/package-f/MAL-0000-package-f.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:02:37.321Z", + "published": "2025-10-15T15:02:37.321Z", + "schema_version": "1.5.0", + "summary": "Malicious code in package-f package (npm)", + "details": "The package communicates with a domain associated with malicious activity.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "package-f" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file From 1db4f7a3bd71abc8d37244fbce18177056abe47c Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Wed, 15 Oct 2025 10:12:42 -0500 Subject: [PATCH 25/42] Added reports 
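Review bot: The `details` string of the new `package-f` record says the package communicates with a domain associated with malicious activity, but it names neither the domain nor the version in which that was observed, and the record carries no `references`. Combined with `"introduced": "0"`, every release is flagged while a consumer has nothing to verify the finding against or to search their own logs for. I would name the indicator in defanged form and the observed version, e.g. `"details": "Version <observed-version> of the package contacts <defanged-domain>, a domain associated with malicious activity."` (placeholders, not values from this page), and add a `references` entry pointing at the supporting report if one is public. The file also ends without a trailing newline.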
Signed-off-by: Chi Tran --- .../sdk/MAL-0000-custom-widget-sdk.json | 12 +++---- .../core/MAL-0000-gala-analytics-core.json | 12 +++---- ...L-0000-gtpn-eslint-config-progressive.json | 12 +++---- .../MAL-0000-hotels-at-home-hah-fe-core.json | 34 +++++++++++++++++++ .../MAL-0000-naviance-translation-client.json | 12 +++---- .../commons/MAL-0000-sudt-faucet-commons.json | 12 +++---- .../MAL-0000-taskrabbit-meadow-web.json | 12 +++---- .../MAL-0000-undress-ai-best-undress-ai.json | 12 +++---- ...000-upside-flex-common-typescript-lib.json | 12 +++---- .../MAL-0000-vscode-bicep-ui-components.json | 12 +++---- ...L-0000-wen-community-wen-new-standard.json | 12 +++---- .../alef-frontend/MAL-0000-alef-frontend.json | 34 +++++++++++++++++++ .../aptos-protos/MAL-0000-aptos-protos.json | 12 +++---- .../MAL-0000-ccs-platform-js.json | 34 +++++++++++++++++++ .../ccs-platform/MAL-0000-ccs-platform.json | 34 +++++++++++++++++++ .../npm/codegrid-js/MAL-0000-codegrid-js.json | 12 +++---- .../MAL-0000-css-platform-js.json | 34 +++++++++++++++++++ .../npm/didirce/MAL-0000-didirce.json | 12 +++---- .../npm/doppler-sdk/MAL-0000-doppler-sdk.json | 12 +++---- .../npm/eero_blog/MAL-0000-eero_blog.json | 34 +++++++++++++++++++ .../gardr-finn-js/MAL-0000-gardr-finn-js.json | 34 +++++++++++++++++++ .../npm/gardr-finn/MAL-0000-gardr-finn.json | 34 +++++++++++++++++++ .../MAL-0000-hex-stablecoin.json | 34 +++++++++++++++++++ .../MAL-0000-humansdotai-humans-client.json | 12 +++---- .../MAL-0000-metronome-utils.json | 12 +++---- .../phlex-core-ui/MAL-0000-phlex-core-ui.json | 12 +++---- .../MAL-0000-tjt-podlet-frontpage.json | 34 +++++++++++++++++++ .../MAL-0000-ui-library_mercadolibre.json | 12 +++---- .../MAL-0000-web-palette-react.json | 12 +++---- .../MAL-0000-yugabyte_cloud.json | 12 +++---- 30 files changed, 420 insertions(+), 160 deletions(-) create mode 100644 osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json create mode 100644 
osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json create mode 100644 osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json create mode 100644 osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json create mode 100644 osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json create mode 100644 osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json create mode 100644 osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json create mode 100644 osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json create mode 100644 osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json create mode 100644 osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json diff --git a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json index 9187ec9878..7d2edc8ec6 100644 --- a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json +++ b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @custom-widget/sdk (npm)", "details": "The package @custom-widget/sdk was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json index a89f82cf04..4124ffdad6 100644 --- a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json +++ b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json 
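Review bot: The first `@custom-widget/sdk` hunk moves `published` from `2025-10-14T16:18:33Z` to `2025-10-15T15:10:53Z` together with `modified`, although the record already existed. In OSV `published` marks when the entry was first published, so only `modified` should advance when a record is regenerated. Consumers that sync incrementally or measure exposure windows from `published` would treat the record as a day newer than it is. I would keep `"published": "2025-10-14T16:18:33Z"` and change `modified` alone. The same rewrite appears in the other modified-file hunks of this patch (`@gala-analytics/core`, `@gtpn/eslint-config-progressive`, `aptos-protos`, `codegrid-js` and the rest), and the second hunk of each file drops the trailing newline again.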
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @gala-analytics/core (npm)", "details": "The package @gala-analytics/core was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json index 556da6e9aa..3bb91bfb33 100644 --- a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json +++ b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @gtpn/eslint-config-progressive (npm)", "details": "The package @gtpn/eslint-config-progressive was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json b/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json new file mode 100644 index 0000000000..159c496e39 --- /dev/null +++ b/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in @hotels-at-home/hah-fe-core (npm)", + "details": "The package @hotels-at-home/hah-fe-core was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "@hotels-at-home/hah-fe-core" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json index 1d5471a385..1328319d93 100644 --- a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json +++ b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @naviance/translation-client (npm)", "details": "The package @naviance/translation-client was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json index efd8409131..3f7de01587 100644 --- a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json +++ b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @sudt-faucet/commons (npm)", "details": "The package @sudt-faucet/commons was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json index 2115ab8260..69db892dc9 100644 --- a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json +++ b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @taskrabbit/meadow-web (npm)", "details": "The package @taskrabbit/meadow-web was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json index f0a08be5fb..cb323827fb 100644 --- a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json +++ b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @undress-ai/best-undress-ai (npm)", "details": "The package @undress-ai/best-undress-ai was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json index c2c9940793..57bb017501 100644 --- a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json +++ b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @upside/flex-common-typescript-lib (npm)", "details": "The package @upside/flex-common-typescript-lib was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json index f0f98dfb4c..2afea65e95 100644 --- a/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json +++ b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @vscode-bicep-ui/components (npm)", "details": "The package @vscode-bicep-ui/components was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json index f5367925dd..311145e29f 100644 --- a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json +++ b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in @wen-community/wen-new-standard (npm)", "details": "The package @wen-community/wen-new-standard was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json b/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json new file mode 100644 index 0000000000..0901390ba1 --- /dev/null +++ b/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in alef-frontend (npm)", + "details": "The package alef-frontend was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "alef-frontend" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json index 61438e988f..45d8d9953e 100644 --- a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json +++ b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in aptos-protos (npm)", "details": "The package aptos-protos was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json b/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json new file mode 100644 index 0000000000..6ca15196db --- /dev/null +++ b/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in ccs-platform-js (npm)", + "details": "The package ccs-platform-js was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "ccs-platform-js" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json b/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json new file mode 100644 index 0000000000..05bbd75539 --- /dev/null +++ b/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in ccs-platform (npm)", + "details": "The package ccs-platform was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "ccs-platform" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json index 8f215438fc..4b7001fb99 100644 --- a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json +++ b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in codegrid-js (npm)", "details": "The package codegrid-js was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json b/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json new file mode 100644 index 0000000000..4d5cf1325e --- /dev/null +++ b/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in css-platform-js (npm)", + "details": "The package css-platform-js was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "css-platform-js" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/didirce/MAL-0000-didirce.json b/osv/malicious/npm/didirce/MAL-0000-didirce.json index e68503c6fa..c216234973 100644 --- a/osv/malicious/npm/didirce/MAL-0000-didirce.json +++ b/osv/malicious/npm/didirce/MAL-0000-didirce.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in didirce (npm)", "details": "The package didirce was found to contain malicious code.", "affected": [ 
@@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json index 27ca783397..03ca19631d 100644 --- a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json +++ b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in doppler-sdk (npm)", "details": "The package doppler-sdk was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json b/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json new file mode 100644 index 0000000000..522a937d5b --- /dev/null +++ b/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in eero_blog (npm)", + "details": "The package eero_blog was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "eero_blog" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json b/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json new file mode 100644 index 0000000000..2706136efb --- /dev/null 
+++ b/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in gardr-finn-js (npm)", + "details": "The package gardr-finn-js was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "gardr-finn-js" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json b/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json new file mode 100644 index 0000000000..35a1049589 --- /dev/null +++ b/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in gardr-finn (npm)", + "details": "The package gardr-finn was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "gardr-finn" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json b/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json new file mode 100644 index 0000000000..76487af7aa --- /dev/null +++ b/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in hex-stablecoin (npm)", + "details": "The package hex-stablecoin was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "hex-stablecoin" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json index 42578326b4..9bb620f0fb 100644 --- a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json +++ b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in humansdotai-humans-client (npm)", "details": "The package humansdotai-humans-client was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json index e5991dc338..0c3e313d15 100644 --- a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json +++ b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in metronome-utils (npm)", "details": "The package metronome-utils was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json index b38ed90ee2..dab449cbd6 100644 --- a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json +++ b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in phlex-core-ui (npm)", "details": "The package phlex-core-ui was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json b/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json new file mode 100644 index 0000000000..5b09009cda --- /dev/null +++ b/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", + "schema_version": "1.5.0", + "summary": "Malicious code in tjt-podlet-frontpage (npm)", + "details": "The package tjt-podlet-frontpage was found to contain malicious code.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "tjt-podlet-frontpage" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json index 705d8e6bec..0bd567000b 100644 --- a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json +++ b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in ui-library_mercadolibre (npm)", "details": "The package ui-library_mercadolibre was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json index 6a8fbcb0ee..e04e8fa927 100644 --- a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json +++ b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json 
@@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in web-palette-react (npm)", "details": "The package web-palette-react was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file diff --git a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json index 826d148371..d5bafa0de7 100644 --- a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json +++ b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json @@ -1,8 +1,7 @@ { - "modified": "2025-10-14T16:18:33Z", - "published": "2025-10-14T16:18:33Z", + "modified": "2025-10-15T15:10:53Z", + "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", - "id": "", "summary": "Malicious code in yugabyte_cloud (npm)", "details": "The package yugabyte_cloud was found to contain malicious code.", "affected": [ @@ -31,8 +30,5 @@ "actran@amazon.com" ] } - ], - "database_specific": { - "malicious-packages-origins": null - } -} + ] +} \ No newline at end of file From 8dbc4103a6202d7aa7079b8fce4c6cb6f73739b1 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Thu, 16 Oct 2025 22:21:06 -0500 Subject: [PATCH 26/42] Added reports 
Signed-off-by: Chi Tran --- .../sdk/MAL-0000-custom-widget-sdk.json | 8 +++- .../core/MAL-0000-gala-analytics-core.json | 8 +++- ...L-0000-gtpn-eslint-config-progressive.json | 8 +++- .../MAL-0000-hotels-at-home-hah-fe-core.json | 8 +++- .../MAL-0000-naviance-translation-client.json | 8 +++- .../commons/MAL-0000-sudt-faucet-commons.json | 8 +++- .../MAL-0000-taskrabbit-meadow-web.json | 8 +++- .../MAL-0000-undress-ai-best-undress-ai.json | 8 +++- ...000-upside-flex-common-typescript-lib.json | 8 +++- .../MAL-0000-vscode-bicep-ui-components.json | 8 +++- ...L-0000-wen-community-wen-new-standard.json | 8 +++- .../alef-frontend/MAL-0000-alef-frontend.json | 8 +++- .../aptos-protos/MAL-0000-aptos-protos.json | 8 +++- .../MAL-0000-batchw-test-common-config.json | 38 ------------------- .../MAL-2025-48427.json | 35 ++++++++++++----- .../MAL-0000-ccs-platform-js.json | 8 +++- .../ccs-platform/MAL-0000-ccs-platform.json | 8 +++- .../npm/codegrid-js/MAL-0000-codegrid-js.json | 8 +++- .../MAL-2025-48432.json | 7 ++++ .../MAL-2025-48433.json | 7 ++++ .../MAL-0000-css-platform-js.json | 8 +++- .../npm/debug-mj-v3/MAL-0000-debug-mj-v3.json | 38 ------------------- .../npm/debug-mj-v3/MAL-2025-48430.json | 35 ++++++++++++----- .../npm/debug-mj/MAL-0000-debug-mj.json | 38 ------------------- .../npm/debug-mj/MAL-2025-48429.json | 35 ++++++++++++----- .../npm/didirce/MAL-0000-didirce.json | 8 +++- .../npm/doppler-sdk/MAL-0000-doppler-sdk.json | 8 +++- .../npm/eero_blog/MAL-0000-eero_blog.json | 8 +++- .../npm/enjin-docs/MAL-2025-48431.json | 7 ++++ .../gardr-finn-js/MAL-0000-gardr-finn-js.json | 8 +++- .../npm/gardr-finn/MAL-0000-gardr-finn.json | 8 +++- .../MAL-0000-hex-stablecoin.json | 8 +++- .../MAL-0000-humansdotai-humans-client.json | 8 +++- .../hyperion-react-native/MAL-2025-48437.json | 7 ++++ .../MAL-2025-48434.json | 7 ++++ .../MAL-0000-metronome-utils.json | 8 +++- .../MAL-2025-48438.json | 9 +++++ .../npm/package-f/MAL-0000-package-f.json | 34 ----------------- 
.../npm/package-f/MAL-2025-48428.json | 25 ++++++++---- .../phlex-core-ui/MAL-0000-phlex-core-ui.json | 8 +++- .../npm/pino-logging/MAL-2025-48435.json | 9 +++++ .../swagger-express-cli/MAL-2025-48439.json | 9 +++++ .../npm/tailwind-utilx/MAL-2025-48436.json | 9 +++++ .../MAL-0000-tjt-podlet-frontpage.json | 8 +++- .../MAL-0000-ui-library_mercadolibre.json | 8 +++- .../usage-tracker-secured/MAL-2025-48440.json | 9 +++++ .../MAL-0000-web-palette-react.json | 8 +++- .../npm/webpack-loadcss/MAL-2025-48441.json | 9 +++++ .../npm/ynab_api/MAL-2025-48442.json | 9 +++++ .../MAL-0000-yugabyte_cloud.json | 8 +++- 50 files changed, 373 insertions(+), 243 deletions(-) delete mode 100644 osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json delete mode 100644 osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json delete mode 100644 osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json delete mode 100644 osv/malicious/npm/package-f/MAL-0000-package-f.json diff --git a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json index 7d2edc8ec6..0a5fa93091 100644 --- a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json +++ b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @custom-widget/sdk (npm)", "details": "The package @custom-widget/sdk was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json index 4124ffdad6..f79fd7b354 100644 
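Review bot: `"id": ""` added in the first @custom-widget/sdk hunk is an empty value for the record's identifier, and `"malicious-packages-origins": null` in the second hunk carries no information. For alef-frontend, aptos-protos and the other MAL-0000 files, this patch re-adds exactly the keys and trailing newline that the preceding commit on this page removed, so the two commits look like two serializers alternating. If the ID is assigned on ingest (presumably, given the MAL-0000 filename), I would settle on one serialization and omit `"id": ""` until a real identifier exists. Otherwise every regeneration produces a 50-file diff that hides the few records that actually changed, such as the MAL-2025-48427 merge.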
--- a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json +++ b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @gala-analytics/core (npm)", "details": "The package @gala-analytics/core was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json index 3bb91bfb33..454e9f79a2 100644 --- a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json +++ b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @gtpn/eslint-config-progressive (npm)", "details": "The package @gtpn/eslint-config-progressive was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json b/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json index 159c496e39..3011692e79 100644 --- a/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json +++ b/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json 
@@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @hotels-at-home/hah-fe-core (npm)", "details": "The package @hotels-at-home/hah-fe-core was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json index 1328319d93..14b230a00f 100644 --- a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json +++ b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @naviance/translation-client (npm)", "details": "The package @naviance/translation-client was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json index 3f7de01587..7a32043b68 100644 --- a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json +++ b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @sudt-faucet/commons (npm)", "details": "The package @sudt-faucet/commons was found to contain malicious code.", "affected": [ 
@@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json index 69db892dc9..8c1ed1c762 100644 --- a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json +++ b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @taskrabbit/meadow-web (npm)", "details": "The package @taskrabbit/meadow-web was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json index cb323827fb..86120129e0 100644 --- a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json +++ b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @undress-ai/best-undress-ai (npm)", "details": "The package @undress-ai/best-undress-ai was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} 
diff --git a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json index 57bb017501..3fe46a31af 100644 --- a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json +++ b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @upside/flex-common-typescript-lib (npm)", "details": "The package @upside/flex-common-typescript-lib was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json index 2afea65e95..e0d83349ab 100644 --- a/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json +++ b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @vscode-bicep-ui/components (npm)", "details": "The package @vscode-bicep-ui/components was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} 
diff --git a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json index 311145e29f..c3e503d3fe 100644 --- a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json +++ b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in @wen-community/wen-new-standard (npm)", "details": "The package @wen-community/wen-new-standard was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json b/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json index 0901390ba1..eddebbac9e 100644 --- a/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json +++ b/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in alef-frontend (npm)", "details": "The package alef-frontend was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json index 45d8d9953e..cca3f1f049 100644 --- a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json +++ b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json 
@@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in aptos-protos (npm)", "details": "The package aptos-protos was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json b/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json deleted file mode 100644 index 34e236f629..0000000000 --- a/osv/malicious/npm/batchw-test-common-config/MAL-0000-batchw-test-common-config.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "modified": "2025-10-14T21:06:54Z", - "published": "2025-10-14T21:06:54Z", - "schema_version": "1.5.0", - "id": "", - "summary": "Malicious code in batchw-test-common-config (npm)", - "details": "The package communicates with a domain associated with malicious activity.", - "affected": [ - { - "package": { - "ecosystem": "npm", - "name": "batchw-test-common-config" - }, - "ranges": [ - { - "type": "SEMVER", - "events": [ - { - "introduced": "1.1.0" - } - ] - } - ] - } - ], - "credits": [ - { - "name": "Amazon Inspector", - "type": "FINDER", - "contact": [ - "actran@amazon.com" - ] - } - ], - "database_specific": { - "malicious-packages-origins": null - } -} diff --git a/osv/malicious/npm/batchw-test-common-config/MAL-2025-48427.json b/osv/malicious/npm/batchw-test-common-config/MAL-2025-48427.json index c7a44719e9..22e3045535 100644 --- a/osv/malicious/npm/batchw-test-common-config/MAL-2025-48427.json +++ b/osv/malicious/npm/batchw-test-common-config/MAL-2025-48427.json 
@@ -1,13 +1,13 @@ { - "modified": "2025-10-15T14:50:44Z", - "published": "2025-10-15T14:50:38Z", + "modified": "2025-10-17T03:20:29Z", + "published": "2025-10-14T21:06:54Z", "schema_version": "1.5.0", "id": "MAL-2025-48427", "aliases": [ "GHSA-vjh7-pg5m-6598" ], "summary": "Malicious code in batchw-test-common-config (npm)", - "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (af5e9b5b07a6f6f901ab96aa3b48d3b80dc1c0928d03c4cd4018422a15ced54b)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", + "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (af5e9b5b07a6f6f901ab96aa3b48d3b80dc1c0928d03c4cd4018422a15ced54b)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", "affected": [ { "package": { @@ -22,6 +22,14 @@ "introduced": "0" } ] + }, + { + "type": "SEMVER", + "events": [ + { + "introduced": "1.1.0" + } + ] } ], "database_specific": { 
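Review bot: The range added in the `@@ -22,6 +22,14 @@` hunk (`"introduced": "1.1.0"`) is fully contained in the existing `"introduced": "0"` range on the same package. Matching results do not change, and the record now reads as if two different affected sets were intended. If the purpose is to keep the version the Amazon Inspector report actually analysed, record it in the `details` text above the "Per source details" marker or in that source's entry under `malicious-packages-origins`, and leave a single range in `affected`. If the merge tooling emits per-source ranges by design, a note in `details` saying so would help; I cannot tell from this hunk alone.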
@@ -41,24 +49,33 @@ "url": "https://github.com/advisories/GHSA-vjh7-pg5m-6598" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-vjh7-pg5m-6598", + "source": "ghsa-malware", + "sha256": "af5e9b5b07a6f6f901ab96aa3b48d3b80dc1c0928d03c4cd4018422a15ced54b", "import_time": "2025-10-15T15:23:00.02799171Z", + "id": "GHSA-vjh7-pg5m-6598", "modified_time": "2025-10-15T14:50:44Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "af5e9b5b07a6f6f901ab96aa3b48d3b80dc1c0928d03c4cd4018422a15ced54b", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json b/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json index 6ca15196db..9ed2b94eb4 100644 --- a/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json +++ b/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in ccs-platform-js (npm)", "details": "The package ccs-platform-js was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json b/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json index 05bbd75539..3f71359644 100644 --- a/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json +++ b/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json 
@@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in ccs-platform (npm)", "details": "The package ccs-platform was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json index 4b7001fb99..df0dd2b73d 100644 --- a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json +++ b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in codegrid-js (npm)", "details": "The package codegrid-js was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/company-browser-package/MAL-2025-48432.json b/osv/malicious/npm/company-browser-package/MAL-2025-48432.json index b24c34ebe4..b1daf83094 100644 --- a/osv/malicious/npm/company-browser-package/MAL-2025-48432.json +++ b/osv/malicious/npm/company-browser-package/MAL-2025-48432.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/corp-ais-client-my-channel-lib/MAL-2025-48433.json b/osv/malicious/npm/corp-ais-client-my-channel-lib/MAL-2025-48433.json index 4b2a34b4fe..2f1b0cca8e 100644 --- a/osv/malicious/npm/corp-ais-client-my-channel-lib/MAL-2025-48433.json +++ b/osv/malicious/npm/corp-ais-client-my-channel-lib/MAL-2025-48433.json 
@@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json b/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json index 4d5cf1325e..40e32df024 100644 --- a/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json +++ b/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in css-platform-js (npm)", "details": "The package css-platform-js was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json b/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json deleted file mode 100644 index 3aa753b0f6..0000000000 --- a/osv/malicious/npm/debug-mj-v3/MAL-0000-debug-mj-v3.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "modified": "2025-10-14T03:28:14Z", - "published": "2025-10-14T03:28:14Z", - "schema_version": "1.5.0", - "id": "", - "summary": "Malicious code in debug-mj-v3 (npm)", - "details": "The package communicates with a domain associated with malicious activity.", - "affected": [ - { - "package": { - "ecosystem": "npm", - "name": "debug-mj-v3" - }, - "ranges": [ - { - "type": "SEMVER", - "events": [ - { - "introduced": "1.0.0" - } - ] - } - ] - } - ], - "credits": [ - { - "name": "Amazon Inspector", - "type": "FINDER", - "contact": [ - "actran@amazon.com" - ] - } - ], - "database_specific": { - "malicious-packages-origins": null - } -} 
diff --git a/osv/malicious/npm/debug-mj-v3/MAL-2025-48430.json b/osv/malicious/npm/debug-mj-v3/MAL-2025-48430.json index d5f5303a24..330d1d8d0e 100644 --- a/osv/malicious/npm/debug-mj-v3/MAL-2025-48430.json +++ b/osv/malicious/npm/debug-mj-v3/MAL-2025-48430.json @@ -1,13 +1,13 @@ { - "modified": "2025-10-15T15:42:12Z", - "published": "2025-10-15T15:42:11Z", + "modified": "2025-10-17T03:20:29Z", + "published": "2025-10-14T03:28:14Z", "schema_version": "1.5.0", "id": "MAL-2025-48430", "aliases": [ "GHSA-r3c5-cw7x-rp2w" ], "summary": "Malicious code in debug-mj-v3 (npm)", - "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (74c0451e3b813ae12fff8e9f76bd4570a074a6bda1a7391e28f789182a6cb0e6)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", + "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (74c0451e3b813ae12fff8e9f76bd4570a074a6bda1a7391e28f789182a6cb0e6)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", "affected": [ { "package": { 
@@ -22,6 +22,14 @@ "introduced": "0" } ] + }, + { + "type": "SEMVER", + "events": [ + { + "introduced": "1.0.0" + } + ] } ], "database_specific": { @@ -41,24 +49,33 @@ "url": "https://github.com/advisories/GHSA-r3c5-cw7x-rp2w" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-r3c5-cw7x-rp2w", + "source": "ghsa-malware", + "sha256": "74c0451e3b813ae12fff8e9f76bd4570a074a6bda1a7391e28f789182a6cb0e6", "import_time": "2025-10-15T16:23:21.883590873Z", + "id": "GHSA-r3c5-cw7x-rp2w", "modified_time": "2025-10-15T15:42:12Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "74c0451e3b813ae12fff8e9f76bd4570a074a6bda1a7391e28f789182a6cb0e6", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json b/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json deleted file mode 100644 index 540f4e1fa4..0000000000 --- a/osv/malicious/npm/debug-mj/MAL-0000-debug-mj.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "modified": "2025-10-14T03:31:00Z", - "published": "2025-10-14T03:31:00Z", - "schema_version": "1.5.0", - "id": "", - "summary": "Malicious code in debug-mj (npm)", - "details": "The package communicates with a domain associated with malicious activity.", - "affected": [ - { - "package": { - "ecosystem": "npm", - "name": "debug-mj" - }, - "ranges": [ - { - "type": "SEMVER", - "events": [ - { - "introduced": "1.0.0" - } - ] - } - ] - } - ], - "credits": [ - { - "name": "Amazon Inspector", - "type": "FINDER", - "contact": [ - "actran@amazon.com" - ] - } - ], - "database_specific": { - "malicious-packages-origins": null - } -} diff --git a/osv/malicious/npm/debug-mj/MAL-2025-48429.json b/osv/malicious/npm/debug-mj/MAL-2025-48429.json index 74c576e55d..e272c20006 100644 --- a/osv/malicious/npm/debug-mj/MAL-2025-48429.json 
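Review bot: The range added to MAL-2025-48430.json, `"introduced": "1.0.0"`, sits next to the existing range that starts at `"introduced": "0"`, so the affected set is unchanged and the record now carries two overlapping SEMVER ranges. A reader may take the second range to mean that versions below 1.0.0 are clean, which contradicts the GHSA-sourced range. I would drop the added range and keep only the credit and the `details` sentence from the merged report. MAL-2025-48429.json gets the same addition, and the `affected` object continues outside the hunk.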
+++ b/osv/malicious/npm/debug-mj/MAL-2025-48429.json @@ -1,13 +1,13 @@ { - "modified": "2025-10-15T15:42:12Z", - "published": "2025-10-15T15:42:11Z", + "modified": "2025-10-17T03:20:29Z", + "published": "2025-10-14T03:31:00Z", "schema_version": "1.5.0", "id": "MAL-2025-48429", "aliases": [ "GHSA-53wf-4p29-6x4w" ], "summary": "Malicious code in debug-mj (npm)", - "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (9f60289f1a0f9296cf8aa9ed744c256c0963a95dc751ff52a708d2676d14825a)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", + "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (9f60289f1a0f9296cf8aa9ed744c256c0963a95dc751ff52a708d2676d14825a)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", "affected": [ { "package": { @@ -22,6 +22,14 @@ "introduced": "0" } ] + }, + { + "type": "SEMVER", + "events": [ + { + "introduced": "1.0.0" + } + ] } ], "database_specific": { 
@@ -41,24 +49,33 @@ "url": "https://github.com/advisories/GHSA-53wf-4p29-6x4w" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-53wf-4p29-6x4w", + "source": "ghsa-malware", + "sha256": "9f60289f1a0f9296cf8aa9ed744c256c0963a95dc751ff52a708d2676d14825a", "import_time": "2025-10-15T16:23:21.875318471Z", + "id": "GHSA-53wf-4p29-6x4w", "modified_time": "2025-10-15T15:42:12Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "9f60289f1a0f9296cf8aa9ed744c256c0963a95dc751ff52a708d2676d14825a", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/didirce/MAL-0000-didirce.json b/osv/malicious/npm/didirce/MAL-0000-didirce.json index c216234973..1af6e47907 100644 --- a/osv/malicious/npm/didirce/MAL-0000-didirce.json +++ b/osv/malicious/npm/didirce/MAL-0000-didirce.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in didirce (npm)", "details": "The package didirce was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json index 03ca19631d..477499da77 100644 --- a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json +++ b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in doppler-sdk (npm)", "details": "The package doppler-sdk was found to contain malicious code.", "affected": [ 
@@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json b/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json index 522a937d5b..ef03672664 100644 --- a/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json +++ b/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in eero_blog (npm)", "details": "The package eero_blog was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/enjin-docs/MAL-2025-48431.json b/osv/malicious/npm/enjin-docs/MAL-2025-48431.json index 68bc54b4bc..b7ef285b68 100644 --- a/osv/malicious/npm/enjin-docs/MAL-2025-48431.json +++ b/osv/malicious/npm/enjin-docs/MAL-2025-48431.json @@ -23,6 +23,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json b/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json index 2706136efb..d71ca2145a 100644 --- a/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json +++ b/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in gardr-finn-js (npm)", "details": "The package gardr-finn-js was found to contain malicious code.", "affected": [ 
@@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json b/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json index 35a1049589..3d47e049d2 100644 --- a/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json +++ b/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in gardr-finn (npm)", "details": "The package gardr-finn was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json b/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json index 76487af7aa..247d0ca59b 100644 --- a/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json +++ b/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in hex-stablecoin (npm)", "details": "The package hex-stablecoin was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json index 9bb620f0fb..cdd0a97352 100644 --- a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json +++ b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json 
@@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in humansdotai-humans-client (npm)", "details": "The package humansdotai-humans-client was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/hyperion-react-native/MAL-2025-48437.json b/osv/malicious/npm/hyperion-react-native/MAL-2025-48437.json index dcf0c4b262..048155c339 100644 --- a/osv/malicious/npm/hyperion-react-native/MAL-2025-48437.json +++ b/osv/malicious/npm/hyperion-react-native/MAL-2025-48437.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/internal-plugin-lifecycle-card/MAL-2025-48434.json b/osv/malicious/npm/internal-plugin-lifecycle-card/MAL-2025-48434.json index 610f322635..b53f757ffb 100644 --- a/osv/malicious/npm/internal-plugin-lifecycle-card/MAL-2025-48434.json +++ b/osv/malicious/npm/internal-plugin-lifecycle-card/MAL-2025-48434.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json index 0c3e313d15..c9173ae714 100644 --- a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json +++ b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json 
@@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in metronome-utils (npm)", "details": "The package metronome-utils was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/n8n-nodes-phoai-ultimate-tools/MAL-2025-48438.json b/osv/malicious/npm/n8n-nodes-phoai-ultimate-tools/MAL-2025-48438.json index 051cd5cbac..9b2bcbc02a 100644 --- a/osv/malicious/npm/n8n-nodes-phoai-ultimate-tools/MAL-2025-48438.json +++ b/osv/malicious/npm/n8n-nodes-phoai-ultimate-tools/MAL-2025-48438.json @@ -59,6 +59,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/package-f/MAL-0000-package-f.json b/osv/malicious/npm/package-f/MAL-0000-package-f.json deleted file mode 100644 index deae801f54..0000000000 --- a/osv/malicious/npm/package-f/MAL-0000-package-f.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "modified": "2025-10-15T15:02:37.321Z", - "published": "2025-10-15T15:02:37.321Z", - "schema_version": "1.5.0", - "summary": "Malicious code in package-f package (npm)", - "details": "The package communicates with a domain associated with malicious activity.", - "affected": [ - { - "package": { - "ecosystem": "npm", - "name": "package-f" - }, - "ranges": [ - { - "type": "SEMVER", - "events": [ - { - "introduced": "0" - } - ] - } - ] - } - ], - "credits": [ - { - "name": "Amazon Inspector", - "type": "FINDER", - "contact": [ - "actran@amazon.com" - ] - } - ] -} \ No newline at end of file diff --git a/osv/malicious/npm/package-f/MAL-2025-48428.json b/osv/malicious/npm/package-f/MAL-2025-48428.json index 0a811f7a9d..13c9fd0c2a 100644 
--- a/osv/malicious/npm/package-f/MAL-2025-48428.json +++ b/osv/malicious/npm/package-f/MAL-2025-48428.json @@ -1,5 +1,5 @@ { - "modified": "2025-10-15T14:50:43Z", + "modified": "2025-10-17T03:20:31Z", "published": "2025-10-15T14:50:38Z", "schema_version": "1.5.0", "id": "MAL-2025-48428", @@ -7,7 +7,7 @@ "GHSA-29qh-7q5q-jqv5" ], "summary": "Malicious code in package-f (npm)", - "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (1deec43d176fc23dbd4cb44b3e1d4e90821cb98e441004f83c872d49ca281ac9)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", + "details": "The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (1deec43d176fc23dbd4cb44b3e1d4e90821cb98e441004f83c872d49ca281ac9)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n", "affected": [ { "package": { 
@@ -41,24 +41,33 @@ "url": "https://github.com/advisories/GHSA-29qh-7q5q-jqv5" } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "database_specific": { "malicious-packages-origins": [ { - "id": "GHSA-29qh-7q5q-jqv5", + "source": "ghsa-malware", + "sha256": "1deec43d176fc23dbd4cb44b3e1d4e90821cb98e441004f83c872d49ca281ac9", "import_time": "2025-10-15T15:23:00.016176069Z", + "id": "GHSA-29qh-7q5q-jqv5", "modified_time": "2025-10-15T14:50:43Z", "ranges": [ { + "type": "SEMVER", "events": [ { "introduced": "0" } - ], - "type": "SEMVER" + ] } - ], - "sha256": "1deec43d176fc23dbd4cb44b3e1d4e90821cb98e441004f83c872d49ca281ac9", - "source": "ghsa-malware" + ] } ] } diff --git a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json index dab449cbd6..46f6a060c1 100644 --- a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json +++ b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in phlex-core-ui (npm)", "details": "The package phlex-core-ui was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/pino-logging/MAL-2025-48435.json b/osv/malicious/npm/pino-logging/MAL-2025-48435.json index e5ed0ead30..3b67866b13 100644 --- a/osv/malicious/npm/pino-logging/MAL-2025-48435.json +++ b/osv/malicious/npm/pino-logging/MAL-2025-48435.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", 
diff --git a/osv/malicious/npm/swagger-express-cli/MAL-2025-48439.json b/osv/malicious/npm/swagger-express-cli/MAL-2025-48439.json index 55c14973dd..9ede91df38 100644 --- a/osv/malicious/npm/swagger-express-cli/MAL-2025-48439.json +++ b/osv/malicious/npm/swagger-express-cli/MAL-2025-48439.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/tailwind-utilx/MAL-2025-48436.json b/osv/malicious/npm/tailwind-utilx/MAL-2025-48436.json index 2e72329a0f..68a41c9971 100644 --- a/osv/malicious/npm/tailwind-utilx/MAL-2025-48436.json +++ b/osv/malicious/npm/tailwind-utilx/MAL-2025-48436.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json b/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json index 5b09009cda..00de30a7d3 100644 --- a/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json +++ b/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in tjt-podlet-frontpage (npm)", "details": "The package tjt-podlet-frontpage was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json index 0bd567000b..06e4bd8caf 100644 
--- a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json +++ b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in ui-library_mercadolibre (npm)", "details": "The package ui-library_mercadolibre was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/usage-tracker-secured/MAL-2025-48440.json b/osv/malicious/npm/usage-tracker-secured/MAL-2025-48440.json index 03201b9ea1..aae61f04e8 100644 --- a/osv/malicious/npm/usage-tracker-secured/MAL-2025-48440.json +++ b/osv/malicious/npm/usage-tracker-secured/MAL-2025-48440.json @@ -29,6 +29,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json index e04e8fa927..aab951d586 100644 --- a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json +++ b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in web-palette-react (npm)", "details": "The package web-palette-react was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} 
diff --git a/osv/malicious/npm/webpack-loadcss/MAL-2025-48441.json b/osv/malicious/npm/webpack-loadcss/MAL-2025-48441.json index 9058a2ef09..3de6fe80c1 100644 --- a/osv/malicious/npm/webpack-loadcss/MAL-2025-48441.json +++ b/osv/malicious/npm/webpack-loadcss/MAL-2025-48441.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/ynab_api/MAL-2025-48442.json b/osv/malicious/npm/ynab_api/MAL-2025-48442.json index c8e74990c6..8c9083c3bd 100644 --- a/osv/malicious/npm/ynab_api/MAL-2025-48442.json +++ b/osv/malicious/npm/ynab_api/MAL-2025-48442.json @@ -35,6 +35,15 @@ } } ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ], "references": [ { "type": "ADVISORY", diff --git a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json index d5bafa0de7..b868c286b8 100644 --- a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json +++ b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json @@ -2,6 +2,7 @@ "modified": "2025-10-15T15:10:53Z", "published": "2025-10-15T15:10:53Z", "schema_version": "1.5.0", + "id": "", "summary": "Malicious code in yugabyte_cloud (npm)", "details": "The package yugabyte_cloud was found to contain malicious code.", "affected": [ @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} From a3a85a70a98ed8445864d04a52fee238dc57cc41 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Thu, 16 Oct 2025 22:22:06 -0500 Subject: [PATCH 27/42] Add malicious package entry: internal-forc 
Signed-off-by: Chi Tran --- .../internal-forc/MAL-0000-internal-forc.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/internal-forc/MAL-0000-internal-forc.json diff --git a/osv/malicious/npm/internal-forc/MAL-0000-internal-forc.json b/osv/malicious/npm/internal-forc/MAL-0000-internal-forc.json new file mode 100644 index 0000000000..443fbf004e --- /dev/null +++ b/osv/malicious/npm/internal-forc/MAL-0000-internal-forc.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-17T03:22:05.580Z", + "published": "2025-10-17T03:22:05.580Z", + "schema_version": "1.5.0", + "summary": "Malicious code in internal-forc package (npm)", + "details": "The package communicates with a domain associated with malicious activity.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "internal-forc" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "99.9.9" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file From 3aec1002da1764f151cfb7e825c1a581437991ba Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Thu, 16 Oct 2025 22:22:12 -0500 Subject: [PATCH 28/42] Add malicious package entry: internal-config Signed-off-by: Chi Tran --- .../MAL-0000-internal-config.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/internal-config/MAL-0000-internal-config.json diff --git a/osv/malicious/npm/internal-config/MAL-0000-internal-config.json b/osv/malicious/npm/internal-config/MAL-0000-internal-config.json new file mode 100644 index 0000000000..31db2ceb13 --- /dev/null +++ b/osv/malicious/npm/internal-config/MAL-0000-internal-config.json 
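Review bot: The only range in MAL-0000-internal-forc.json starts at `"introduced": "99.9.9"`, so a scanner matching on this record reports nothing for any lower version published under the same name. The records merged with GHSA data earlier in this series (debug-mj-v3, debug-mj) show the finder's `1.0.0` next to a source range of `"0"`, which suggests the whole package name is usually treated as malicious. Unless lower versions are known to be benign, `"introduced": "0"` is the safer value. The same applies to internal-config (`99.9.9`), api_halodoc (`1.0.0`) and @nunes_nunes/loader-base (`0.1.0`).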
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-17T03:22:12.349Z",
+ "published": "2025-10-17T03:22:12.349Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in internal-config package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "internal-config"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "99.9.9"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From f7e9b08b79224dd8c47c4e88a3ce36bcc262c9cf Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Thu, 16 Oct 2025 22:25:21 -0500
Subject: [PATCH 29/42] Add malicious package entry: api_halodoc
Signed-off-by: Chi Tran
---
 .../npm/api_halodoc/MAL-0000-apihalodoc.json | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 osv/malicious/npm/api_halodoc/MAL-0000-apihalodoc.json
diff --git a/osv/malicious/npm/api_halodoc/MAL-0000-apihalodoc.json b/osv/malicious/npm/api_halodoc/MAL-0000-apihalodoc.json
new file mode 100644
index 0000000000..0fce961e3e
--- /dev/null
+++ b/osv/malicious/npm/api_halodoc/MAL-0000-apihalodoc.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-17T03:25:21.656Z",
+ "published": "2025-10-17T03:25:21.656Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in api_halodoc package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "api_halodoc"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "1.0.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From d66849609537516696a8dadab90bdffb337847a9 Mon Sep 17 00:00:00 2001
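Review bot: In the api_halodoc record the range opens at `"introduced": "1.0.0"` with no closing event, so every version from 1.0.0 upward is flagged and anything published below it is reported as unaffected. If the whole package is malicious rather than one release, `"introduced": "0"` covers all versions; if only specific releases were analysed, an explicit `versions` list says so without implying that later releases were checked. The diff does not show which releases were examined, so this needs the submitter's confirmation, and the same question applies to `0.1.0` in the @nunes_nunes/loader-base and ec-component-loader records and `1.22.3` in class-scheduling. The file name MAL-0000-apihalodoc.json also drops the underscore from the package name, unlike the other records in the series.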
From: Chi Tran
Date: Thu, 16 Oct 2025 22:26:41 -0500
Subject: [PATCH 30/42] Add malicious package entry: @nunes_nunes/loader-base
Signed-off-by: Chi Tran
---
 .../MAL-0000-nunes_nunes-loader-base.json | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 osv/malicious/npm/@nunes_nunes/loader-base/MAL-0000-nunes_nunes-loader-base.json
diff --git a/osv/malicious/npm/@nunes_nunes/loader-base/MAL-0000-nunes_nunes-loader-base.json b/osv/malicious/npm/@nunes_nunes/loader-base/MAL-0000-nunes_nunes-loader-base.json
new file mode 100644
index 0000000000..acc3a80520
--- /dev/null
+++ b/osv/malicious/npm/@nunes_nunes/loader-base/MAL-0000-nunes_nunes-loader-base.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-17T03:26:41.480Z",
+ "published": "2025-10-17T03:26:41.480Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in @nunes_nunes/loader-base package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "@nunes_nunes/loader-base"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0.1.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From b1832f72037c20c64ec14f6292b1fd01ebee5154 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Thu, 16 Oct 2025 22:26:54 -0500
Subject: [PATCH 31/42] Add malicious package entry: ec-component-loader
Signed-off-by: Chi Tran
---
 .../MAL-0000-ec-component-loader.json | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 osv/malicious/npm/ec-component-loader/MAL-0000-ec-component-loader.json
diff --git a/osv/malicious/npm/ec-component-loader/MAL-0000-ec-component-loader.json b/osv/malicious/npm/ec-component-loader/MAL-0000-ec-component-loader.json
new file mode 100644
index 0000000000..bb4bbc2adf
--- /dev/null
+++ b/osv/malicious/npm/ec-component-loader/MAL-0000-ec-component-loader.json
@@ -0,0 +1,34 @@
+{
+ "modified": "2025-10-17T03:26:54.621Z",
+ "published": "2025-10-17T03:26:54.621Z",
+ "schema_version": "1.5.0",
+ "summary": "Malicious code in ec-component-loader package (npm)",
+ "details": "The package communicates with a domain associated with malicious activity.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "ec-component-loader"
+ },
+ "ranges": [
+ {
+ "type": "SEMVER",
+ "events": [
+ {
+ "introduced": "0.1.0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ }
+ ]
+}
\ No newline at end of file
From 211a860df0ee1a9e07b1c84551ca7454fe8c274f Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Thu, 16 Oct 2025 22:29:30 -0500
Subject: [PATCH 32/42] Added reports
Signed-off-by: Chi Tran --- .../npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json | 4 ++-- .../@gala-analytics/core/MAL-0000-gala-analytics-core.json | 4 ++-- .../MAL-0000-gtpn-eslint-config-progressive.json | 4 ++-- .../hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json | 4 ++-- .../MAL-0000-naviance-translation-client.json | 4 ++-- .../@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json | 4 ++-- .../meadow-web/MAL-0000-taskrabbit-meadow-web.json | 4 ++-- .../best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json | 4 ++-- .../MAL-0000-upside-flex-common-typescript-lib.json | 4 ++-- .../components/MAL-0000-vscode-bicep-ui-components.json | 4 ++-- .../MAL-0000-wen-community-wen-new-standard.json | 4 ++-- osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json | 4 ++-- osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json | 4 ++-- .../npm/ccs-platform-js/MAL-0000-ccs-platform-js.json | 4 ++-- osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json | 4 ++-- osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json | 4 ++-- osv/malicious/npm/company-browser-package/MAL-2025-48432.json | 1 + .../npm/corp-ais-client-my-channel-lib/MAL-2025-48433.json | 1 + .../npm/css-platform-js/MAL-0000-css-platform-js.json | 4 ++-- osv/malicious/npm/didirce/MAL-0000-didirce.json | 4 ++-- osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json | 4 ++-- osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json | 4 ++-- osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json | 4 ++-- osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json | 4 ++-- osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json | 4 ++-- .../MAL-0000-humansdotai-humans-client.json | 4 ++-- .../npm/internal-plugin-lifecycle-card/MAL-2025-48434.json | 1 + .../npm/metronome-utils/MAL-0000-metronome-utils.json | 4 ++-- osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json | 4 ++-- .../tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json | 4 ++-- .../MAL-0000-ui-library_mercadolibre.json 
| 4 ++--
 .../npm/web-palette-react/MAL-0000-web-palette-react.json | 4 ++--
 osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json | 4 ++--
 33 files changed, 63 insertions(+), 60 deletions(-)
diff --git a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json
index 0a5fa93091..cb13ad5da3 100644
--- a/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json
+++ b/osv/malicious/npm/@custom-widget/sdk/MAL-0000-custom-widget-sdk.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @custom-widget/sdk (npm)",
diff --git a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json
index f79fd7b354..a8e854f2ec 100644
--- a/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json
+++ b/osv/malicious/npm/@gala-analytics/core/MAL-0000-gala-analytics-core.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @gala-analytics/core (npm)",
diff --git a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json
index 454e9f79a2..6d9a666e35 100644
--- a/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json
+++ b/osv/malicious/npm/@gtpn/eslint-config-progressive/MAL-0000-gtpn-eslint-config-progressive.json
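Review bot: `published` should not move when a record is only touched, yet in MAL-0000-custom-widget-sdk.json it is rewritten together with `modified`, from 2025-10-15T15:10:53Z to 2025-10-17T03:28:23Z, with no other change to the file (the diffstat shows 4 changed lines). The field records when the entry first became public, so bumping it makes the report look two days newer than it is and skews feed ordering and time-to-detection figures; only `modified` should change, keeping `"published": "2025-10-15T15:10:53Z",`. The same pair of lines is rewritten in the other MAL-0000 files of this commit, from @gala-analytics/core through yugabyte_cloud. The rest of each record lies outside the hunk.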
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @gtpn/eslint-config-progressive (npm)",
diff --git a/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json b/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json
index 3011692e79..9d5b069814 100644
--- a/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json
+++ b/osv/malicious/npm/@hotels-at-home/hah-fe-core/MAL-0000-hotels-at-home-hah-fe-core.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @hotels-at-home/hah-fe-core (npm)",
diff --git a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json
index 14b230a00f..4ad97e6850 100644
--- a/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json
+++ b/osv/malicious/npm/@naviance/translation-client/MAL-0000-naviance-translation-client.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @naviance/translation-client (npm)",
diff --git a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json
index 7a32043b68..b96b207bf7 100644
--- a/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json
+++ b/osv/malicious/npm/@sudt-faucet/commons/MAL-0000-sudt-faucet-commons.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @sudt-faucet/commons (npm)",
diff --git a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json
index 8c1ed1c762..8289e7cd99 100644
--- a/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json
+++ b/osv/malicious/npm/@taskrabbit/meadow-web/MAL-0000-taskrabbit-meadow-web.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @taskrabbit/meadow-web (npm)",
diff --git a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json
index 86120129e0..f69a092e20 100644
--- a/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json
+++ b/osv/malicious/npm/@undress-ai/best-undress-ai/MAL-0000-undress-ai-best-undress-ai.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @undress-ai/best-undress-ai (npm)",
diff --git a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json
index 3fe46a31af..2b32d0d64b 100644
--- a/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json
+++ b/osv/malicious/npm/@upside/flex-common-typescript-lib/MAL-0000-upside-flex-common-typescript-lib.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @upside/flex-common-typescript-lib (npm)",
diff --git a/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json
index e0d83349ab..75237a3d0a 100644
--- a/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json
+++ b/osv/malicious/npm/@vscode-bicep-ui/components/MAL-0000-vscode-bicep-ui-components.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @vscode-bicep-ui/components (npm)",
diff --git a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json
index c3e503d3fe..e02a3bf542 100644
--- a/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json
+++ b/osv/malicious/npm/@wen-community/wen-new-standard/MAL-0000-wen-community-wen-new-standard.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in @wen-community/wen-new-standard (npm)",
diff --git a/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json b/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json
index eddebbac9e..dcebb95c70 100644
--- a/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json
+++ b/osv/malicious/npm/alef-frontend/MAL-0000-alef-frontend.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in alef-frontend (npm)",
diff --git a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json
index cca3f1f049..d65e83d77d 100644
--- a/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json
+++ b/osv/malicious/npm/aptos-protos/MAL-0000-aptos-protos.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in aptos-protos (npm)",
diff --git a/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json b/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json
index 9ed2b94eb4..bbc048b875 100644
--- a/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json
+++ b/osv/malicious/npm/ccs-platform-js/MAL-0000-ccs-platform-js.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in ccs-platform-js (npm)",
diff --git a/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json b/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json
index 3f71359644..32f84e91a7 100644
--- a/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json
+++ b/osv/malicious/npm/ccs-platform/MAL-0000-ccs-platform.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in ccs-platform (npm)",
diff --git a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json
index df0dd2b73d..189b58936e 100644
--- a/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json
+++ b/osv/malicious/npm/codegrid-js/MAL-0000-codegrid-js.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in codegrid-js (npm)",
diff --git a/osv/malicious/npm/company-browser-package/MAL-2025-48432.json b/osv/malicious/npm/company-browser-package/MAL-2025-48432.json
index b1daf83094..a67edd66de 100644
--- a/osv/malicious/npm/company-browser-package/MAL-2025-48432.json
+++ b/osv/malicious/npm/company-browser-package/MAL-2025-48432.json
@@ -12,6 +12,7 @@
 "name": "company-browser-package"
 },
 "versions": [
+ "99.9.9",
 "99.9.10"
 ]
 }
diff --git a/osv/malicious/npm/corp-ais-client-my-channel-lib/MAL-2025-48433.json b/osv/malicious/npm/corp-ais-client-my-channel-lib/MAL-2025-48433.json
index 2f1b0cca8e..73352e3527 100644
--- a/osv/malicious/npm/corp-ais-client-my-channel-lib/MAL-2025-48433.json
+++ b/osv/malicious/npm/corp-ais-client-my-channel-lib/MAL-2025-48433.json
@@ -12,6 +12,7 @@
 "name": "corp-ais-client-my-channel-lib"
 },
 "versions": [
+ "99.9.9",
 "99.9.10"
 ]
 }
diff --git a/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json b/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json
index 40e32df024..a3b3c86266 100644
--- a/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json
+++ b/osv/malicious/npm/css-platform-js/MAL-0000-css-platform-js.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in css-platform-js (npm)",
diff --git a/osv/malicious/npm/didirce/MAL-0000-didirce.json b/osv/malicious/npm/didirce/MAL-0000-didirce.json
index 1af6e47907..7c41e53f32 100644
--- a/osv/malicious/npm/didirce/MAL-0000-didirce.json
+++ b/osv/malicious/npm/didirce/MAL-0000-didirce.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in didirce (npm)",
diff --git a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json
index 477499da77..50cbf30be9 100644
--- a/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json
+++ b/osv/malicious/npm/doppler-sdk/MAL-0000-doppler-sdk.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in doppler-sdk (npm)",
diff --git a/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json b/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json
index ef03672664..44246abcdd 100644
--- a/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json
+++ b/osv/malicious/npm/eero_blog/MAL-0000-eero_blog.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in eero_blog (npm)",
diff --git a/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json b/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json
index d71ca2145a..988688ac2b 100644
--- a/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json
+++ b/osv/malicious/npm/gardr-finn-js/MAL-0000-gardr-finn-js.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in gardr-finn-js (npm)",
diff --git a/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json b/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json
index 3d47e049d2..7dfc48b405 100644
--- a/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json
+++ b/osv/malicious/npm/gardr-finn/MAL-0000-gardr-finn.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in gardr-finn (npm)",
diff --git a/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json b/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json
index 247d0ca59b..306a4036a3 100644
--- a/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json
+++ b/osv/malicious/npm/hex-stablecoin/MAL-0000-hex-stablecoin.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in hex-stablecoin (npm)",
diff --git a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json
index cdd0a97352..a977ea2d44 100644
--- a/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json
+++ b/osv/malicious/npm/humansdotai-humans-client/MAL-0000-humansdotai-humans-client.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in humansdotai-humans-client (npm)",
diff --git a/osv/malicious/npm/internal-plugin-lifecycle-card/MAL-2025-48434.json b/osv/malicious/npm/internal-plugin-lifecycle-card/MAL-2025-48434.json
index b53f757ffb..4a993da5a2 100644
--- a/osv/malicious/npm/internal-plugin-lifecycle-card/MAL-2025-48434.json
+++ b/osv/malicious/npm/internal-plugin-lifecycle-card/MAL-2025-48434.json
@@ -12,6 +12,7 @@
 "name": "internal-plugin-lifecycle-card"
 },
 "versions": [
+ "99.9.9",
 "99.9.10"
 ]
 }
diff --git a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json
index c9173ae714..e064bfb511 100644
--- a/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json
+++ b/osv/malicious/npm/metronome-utils/MAL-0000-metronome-utils.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in metronome-utils (npm)",
diff --git a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json
index 46f6a060c1..ee204bd0e9 100644
--- a/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json
+++ b/osv/malicious/npm/phlex-core-ui/MAL-0000-phlex-core-ui.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in phlex-core-ui (npm)",
diff --git a/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json b/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json
index 00de30a7d3..9391b9865d 100644
--- a/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json
+++ b/osv/malicious/npm/tjt-podlet-frontpage/MAL-0000-tjt-podlet-frontpage.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in tjt-podlet-frontpage (npm)",
diff --git a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json
index 06e4bd8caf..04284ee666 100644
--- a/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json
+++ b/osv/malicious/npm/ui-library_mercadolibre/MAL-0000-ui-library_mercadolibre.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in ui-library_mercadolibre (npm)",
diff --git a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json
index aab951d586..38d0e38f00 100644
--- a/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json
+++ b/osv/malicious/npm/web-palette-react/MAL-0000-web-palette-react.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in web-palette-react (npm)",
diff --git a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json
index b868c286b8..040a977d7d 100644
--- a/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json
+++ b/osv/malicious/npm/yugabyte_cloud/MAL-0000-yugabyte_cloud.json
@@ -1,6 +1,6 @@
 {
- "modified": "2025-10-15T15:10:53Z",
- "published": "2025-10-15T15:10:53Z",
+ "modified": "2025-10-17T03:28:23Z",
+ "published": "2025-10-17T03:28:23Z",
 "schema_version": "1.5.0",
 "id": "",
 "summary": "Malicious code in yugabyte_cloud (npm)",
From 559ae0495c898784f9c0845d802a804fb9e6de23 Mon Sep 17 00:00:00 2001
From: Chi Tran
Date: Thu, 16 Oct 2025 22:42:17 -0500
Subject: [PATCH 33/42] Merged reports
Signed-off-by: Chi Tran
---
 .../MAL-0000-nunes_nunes-loader-base.json | 14 +++++++++-----
 .../npm/api_halodoc/MAL-0000-apihalodoc.json | 14 +++++++++-----
 .../deere-ui-analytics-events/MAL-2025-48444.json | 7 +++++++
 .../npm/deere-ui-cache/MAL-2025-48445.json | 7 +++++++
 .../npm/deere-ui-namespace/MAL-2025-48446.json | 7 +++++++
 .../npm/deere-ui-svg-to-react/MAL-2025-48447.json | 7 +++++++
 osv/malicious/npm/deere-ui/MAL-2025-48443.json | 7 +++++++
 .../MAL-0000-ec-component-loader.json | 14 +++++++++-----
 .../internal-config/MAL-0000-internal-config.json | 14 +++++++++-----
 .../npm/internal-forc/MAL-0000-internal-forc.json | 14 +++++++++-----
 .../npm/isg-iwp-web-client/MAL-2025-48448.json | 7 +++++++
 11 files changed, 87 insertions(+), 25 deletions(-)
diff --git a/osv/malicious/npm/@nunes_nunes/loader-base/MAL-0000-nunes_nunes-loader-base.json b/osv/malicious/npm/@nunes_nunes/loader-base/MAL-0000-nunes_nunes-loader-base.json
index acc3a80520..4b4d6d0d0f 100644
--- a/osv/malicious/npm/@nunes_nunes/loader-base/MAL-0000-nunes_nunes-loader-base.json
+++ b/osv/malicious/npm/@nunes_nunes/loader-base/MAL-0000-nunes_nunes-loader-base.json
@@ -1,8 +1,9 @@
 {
- "modified": "2025-10-17T03:26:41.480Z",
- "published": "2025-10-17T03:26:41.480Z",
+ "modified": "2025-10-17T03:26:41Z",
+ "published": "2025-10-17T03:26:41Z",
 "schema_version": "1.5.0",
- "summary": "Malicious code in @nunes_nunes/loader-base package (npm)",
+ "id": "",
+ "summary": "Malicious code in @nunes_nunes/loader-base (npm)",
 "details": "The package communicates with a domain associated with malicious activity.",
 "affected": [
 {
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/api_halodoc/MAL-0000-apihalodoc.json b/osv/malicious/npm/api_halodoc/MAL-0000-apihalodoc.json
index 0fce961e3e..723d0578e7 100644
--- a/osv/malicious/npm/api_halodoc/MAL-0000-apihalodoc.json
+++ b/osv/malicious/npm/api_halodoc/MAL-0000-apihalodoc.json
@@ -1,8 +1,9 @@
 {
- "modified": "2025-10-17T03:25:21.656Z",
- "published": "2025-10-17T03:25:21.656Z",
+ "modified": "2025-10-17T03:25:21Z",
+ "published": "2025-10-17T03:25:21Z",
 "schema_version": "1.5.0",
- "summary": "Malicious code in api_halodoc package (npm)",
+ "id": "",
+ "summary": "Malicious code in api_halodoc (npm)",
 "details": "The package communicates with a domain associated with malicious activity.",
 "affected": [
 {
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/deere-ui-analytics-events/MAL-2025-48444.json b/osv/malicious/npm/deere-ui-analytics-events/MAL-2025-48444.json
index 7464c7a959..1291d43670 100644
--- a/osv/malicious/npm/deere-ui-analytics-events/MAL-2025-48444.json
+++ b/osv/malicious/npm/deere-ui-analytics-events/MAL-2025-48444.json
@@ -17,6 +17,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
diff --git a/osv/malicious/npm/deere-ui-cache/MAL-2025-48445.json b/osv/malicious/npm/deere-ui-cache/MAL-2025-48445.json
index 3b55fcabe2..7190f8ac13 100644
--- a/osv/malicious/npm/deere-ui-cache/MAL-2025-48445.json
+++ b/osv/malicious/npm/deere-ui-cache/MAL-2025-48445.json
@@ -17,6 +17,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
diff --git a/osv/malicious/npm/deere-ui-namespace/MAL-2025-48446.json b/osv/malicious/npm/deere-ui-namespace/MAL-2025-48446.json
index 69c43a51dd..02a1d3ec82 100644
--- a/osv/malicious/npm/deere-ui-namespace/MAL-2025-48446.json
+++ b/osv/malicious/npm/deere-ui-namespace/MAL-2025-48446.json
@@ -17,6 +17,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
diff --git a/osv/malicious/npm/deere-ui-svg-to-react/MAL-2025-48447.json b/osv/malicious/npm/deere-ui-svg-to-react/MAL-2025-48447.json
index ba8098f11c..388e62392d 100644
--- a/osv/malicious/npm/deere-ui-svg-to-react/MAL-2025-48447.json
+++ b/osv/malicious/npm/deere-ui-svg-to-react/MAL-2025-48447.json
@@ -17,6 +17,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
diff --git a/osv/malicious/npm/deere-ui/MAL-2025-48443.json b/osv/malicious/npm/deere-ui/MAL-2025-48443.json
index 0a729ef0d9..b42e7c608a 100644
--- a/osv/malicious/npm/deere-ui/MAL-2025-48443.json
+++ b/osv/malicious/npm/deere-ui/MAL-2025-48443.json
@@ -17,6 +17,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
diff --git a/osv/malicious/npm/ec-component-loader/MAL-0000-ec-component-loader.json b/osv/malicious/npm/ec-component-loader/MAL-0000-ec-component-loader.json
index bb4bbc2adf..801afbe0ab 100644
--- a/osv/malicious/npm/ec-component-loader/MAL-0000-ec-component-loader.json
+++ b/osv/malicious/npm/ec-component-loader/MAL-0000-ec-component-loader.json
@@ -1,8 +1,9 @@
 {
- "modified": "2025-10-17T03:26:54.621Z",
- "published": "2025-10-17T03:26:54.621Z",
+ "modified": "2025-10-17T03:26:54Z",
+ "published": "2025-10-17T03:26:54Z",
 "schema_version": "1.5.0",
- "summary": "Malicious code in ec-component-loader package (npm)",
+ "id": "",
+ "summary": "Malicious code in ec-component-loader (npm)",
 "details": "The package communicates with a domain associated with malicious activity.",
 "affected": [
 {
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/internal-config/MAL-0000-internal-config.json b/osv/malicious/npm/internal-config/MAL-0000-internal-config.json
index 31db2ceb13..49510a8363 100644
--- a/osv/malicious/npm/internal-config/MAL-0000-internal-config.json
+++ b/osv/malicious/npm/internal-config/MAL-0000-internal-config.json
@@ -1,8 +1,9 @@
 {
- "modified": "2025-10-17T03:22:12.349Z",
- "published": "2025-10-17T03:22:12.349Z",
+ "modified": "2025-10-17T03:22:12Z",
+ "published": "2025-10-17T03:22:12Z",
 "schema_version": "1.5.0",
- "summary": "Malicious code in internal-config package (npm)",
+ "id": "",
+ "summary": "Malicious code in internal-config (npm)",
 "details": "The package communicates with a domain associated with malicious activity.",
 "affected": [
 {
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/internal-forc/MAL-0000-internal-forc.json b/osv/malicious/npm/internal-forc/MAL-0000-internal-forc.json index 443fbf004e..0d17b8f6ca 100644 --- a/osv/malicious/npm/internal-forc/MAL-0000-internal-forc.json +++ b/osv/malicious/npm/internal-forc/MAL-0000-internal-forc.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-17T03:22:05.580Z", - "published": "2025-10-17T03:22:05.580Z", + "modified": "2025-10-17T03:22:05Z", + "published": "2025-10-17T03:22:05Z", "schema_version": "1.5.0", - "summary": "Malicious code in internal-forc package (npm)", + "id": "", + "summary": "Malicious code in internal-forc (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/isg-iwp-web-client/MAL-2025-48448.json b/osv/malicious/npm/isg-iwp-web-client/MAL-2025-48448.json index ea546c571f..6b9c00abcd 100644 --- a/osv/malicious/npm/isg-iwp-web-client/MAL-2025-48448.json +++ b/osv/malicious/npm/isg-iwp-web-client/MAL-2025-48448.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", From 69b1b7b8544f3727de2057711ba7ead8a609ced3 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Fri, 17 Oct 2025 10:44:48 -0500 Subject: [PATCH 34/42] Add malicious package entry: class-scheduling Signed-off-by: Chi Tran --- .../MAL-0000-class-scheduling.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/class-scheduling/MAL-0000-class-scheduling.json diff --git a/osv/malicious/npm/class-scheduling/MAL-0000-class-scheduling.json b/osv/malicious/npm/class-scheduling/MAL-0000-class-scheduling.json new file mode 100644 index 0000000000..ba109e35d7 --- /dev/null 
+++ b/osv/malicious/npm/class-scheduling/MAL-0000-class-scheduling.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-17T15:44:47.513Z", + "published": "2025-10-17T15:44:47.513Z", + "schema_version": "1.5.0", + "summary": "Malicious code in class-scheduling package (npm)", + "details": "The package communicates with a domain associated with malicious activity.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "class-scheduling" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "1.22.3" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file From 50f5d2d3a691ed74fb03dab00858b21ed8b76c75 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Fri, 17 Oct 2025 10:45:22 -0500 Subject: [PATCH 35/42] Add malicious package entry: @institute-of-data-management/n11-chatbot Signed-off-by: Chi Tran --- ...titute-of-data-management-n11-chatbot.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/@institute-of-data-management/n11-chatbot/MAL-0000-institute-of-data-management-n11-chatbot.json diff --git a/osv/malicious/npm/@institute-of-data-management/n11-chatbot/MAL-0000-institute-of-data-management-n11-chatbot.json b/osv/malicious/npm/@institute-of-data-management/n11-chatbot/MAL-0000-institute-of-data-management-n11-chatbot.json new file mode 100644 index 0000000000..b4b23bc002 --- /dev/null +++ b/osv/malicious/npm/@institute-of-data-management/n11-chatbot/MAL-0000-institute-of-data-management-n11-chatbot.json 
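Review bot: The `details` text of the new class-scheduling entry names neither the domain nor when the contact happens, and the file carries no `references` or `database_specific` evidence, so a consumer cannot verify the finding or search DNS and proxy logs for it. Something like `"details": "The package communicates with <observed domain>, a domain associated with malicious activity."` plus a `references` entry pointing at the analysis would make it actionable. The same generic sentence is used in every new `MAL-0000-*` file in this series (n11-chatbot, internal-native-buy, src_index_ts, src_components_ibtdetail_index_tsx, test-postinstall-package-for-ctf-nfrejnfvjenjner).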
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-17T15:45:22.482Z", + "published": "2025-10-17T15:45:22.482Z", + "schema_version": "1.5.0", + "summary": "Malicious code in @institute-of-data-management/n11-chatbot package (npm)", + "details": "The package communicates with a domain associated with malicious activity.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "@institute-of-data-management/n11-chatbot" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "1.0.0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file From e23df518f710f5efde4ac53ba95742357d73a5d4 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Fri, 17 Oct 2025 10:45:39 -0500 Subject: [PATCH 36/42] Add malicious package entry: internal-native-buy Signed-off-by: Chi Tran --- .../MAL-0000-internal-native-buy.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/internal-native-buy/MAL-0000-internal-native-buy.json diff --git a/osv/malicious/npm/internal-native-buy/MAL-0000-internal-native-buy.json b/osv/malicious/npm/internal-native-buy/MAL-0000-internal-native-buy.json new file mode 100644 index 0000000000..00343900d9 --- /dev/null +++ b/osv/malicious/npm/internal-native-buy/MAL-0000-internal-native-buy.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-17T15:45:38.934Z", + "published": "2025-10-17T15:45:38.934Z", + "schema_version": "1.5.0", + "summary": "Malicious code in internal-native-buy package (npm)", + "details": "The package communicates with a domain associated with malicious activity.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "internal-native-buy" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "999.9.9" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file From c9869abd237e50d1dbb589eb78f2bb167da4742a Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Fri, 17 Oct 2025 10:48:11 -0500 Subject: [PATCH 37/42] Added reports Signed-off-by: Chi Tran --- ...0-institute-of-data-management-n11-chatbot.json | 14 +++++++++----- .../MAL-0000-class-scheduling.json | 14 +++++++++----- .../npm/cp2-shared-components/MAL-2025-48450.json | 7 +++++++ .../MAL-0000-internal-native-buy.json | 14 +++++++++----- osv/malicious/npm/monzo-com/MAL-2025-48449.json | 7 +++++++ 5 files changed, 41 insertions(+), 15 deletions(-) diff --git a/osv/malicious/npm/@institute-of-data-management/n11-chatbot/MAL-0000-institute-of-data-management-n11-chatbot.json b/osv/malicious/npm/@institute-of-data-management/n11-chatbot/MAL-0000-institute-of-data-management-n11-chatbot.json index b4b23bc002..1ea080f750 100644 --- a/osv/malicious/npm/@institute-of-data-management/n11-chatbot/MAL-0000-institute-of-data-management-n11-chatbot.json +++ b/osv/malicious/npm/@institute-of-data-management/n11-chatbot/MAL-0000-institute-of-data-management-n11-chatbot.json 
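Review bot: In the internal-native-buy entry, `"introduced": "999.9.9"` with no `fixed` or `last_affected` event marks only versions at or above 999.9.9 as affected, so any lower published version would match as clean. If the whole package is considered malicious, `"introduced": "0"` covers every version; if only the analysed release is known bad, an explicit `"versions": ["999.9.9"]` list says so without implying anything about the rest. A version number this high looks like a dependency-confusion upload, which would argue for flagging the package as a whole, though the page does not state the technique. The other new entries have the same open-ended shape (class-scheduling from 1.22.3, n11-chatbot from 1.0.0, src_index_ts from 8.0.5, src_components_ibtdetail_index_tsx from 9.8.5).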
@@ -1,8 +1,9 @@ { - "modified": "2025-10-17T15:45:22.482Z", - "published": "2025-10-17T15:45:22.482Z", + "modified": "2025-10-17T15:45:22Z", + "published": "2025-10-17T15:45:22Z", "schema_version": "1.5.0", - "summary": "Malicious code in @institute-of-data-management/n11-chatbot package (npm)", + "id": "", + "summary": "Malicious code in @institute-of-data-management/n11-chatbot (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/class-scheduling/MAL-0000-class-scheduling.json b/osv/malicious/npm/class-scheduling/MAL-0000-class-scheduling.json index ba109e35d7..7743c747aa 100644 --- a/osv/malicious/npm/class-scheduling/MAL-0000-class-scheduling.json +++ b/osv/malicious/npm/class-scheduling/MAL-0000-class-scheduling.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-17T15:44:47.513Z", - "published": "2025-10-17T15:44:47.513Z", + "modified": "2025-10-17T15:44:47Z", + "published": "2025-10-17T15:44:47Z", "schema_version": "1.5.0", - "summary": "Malicious code in class-scheduling package (npm)", + "id": "", + "summary": "Malicious code in class-scheduling (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/cp2-shared-components/MAL-2025-48450.json b/osv/malicious/npm/cp2-shared-components/MAL-2025-48450.json index 0eb5d68df4..db86efbcc2 100644 --- a/osv/malicious/npm/cp2-shared-components/MAL-2025-48450.json +++ b/osv/malicious/npm/cp2-shared-components/MAL-2025-48450.json 
@@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", diff --git a/osv/malicious/npm/internal-native-buy/MAL-0000-internal-native-buy.json b/osv/malicious/npm/internal-native-buy/MAL-0000-internal-native-buy.json index 00343900d9..55395f569e 100644 --- a/osv/malicious/npm/internal-native-buy/MAL-0000-internal-native-buy.json +++ b/osv/malicious/npm/internal-native-buy/MAL-0000-internal-native-buy.json @@ -1,8 +1,9 @@ { - "modified": "2025-10-17T15:45:38.934Z", - "published": "2025-10-17T15:45:38.934Z", + "modified": "2025-10-17T15:45:38Z", + "published": "2025-10-17T15:45:38Z", "schema_version": "1.5.0", - "summary": "Malicious code in internal-native-buy package (npm)", + "id": "", + "summary": "Malicious code in internal-native-buy (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} diff --git a/osv/malicious/npm/monzo-com/MAL-2025-48449.json b/osv/malicious/npm/monzo-com/MAL-2025-48449.json index 4ac20a69c7..ab0e63d27e 100644 --- a/osv/malicious/npm/monzo-com/MAL-2025-48449.json +++ b/osv/malicious/npm/monzo-com/MAL-2025-48449.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", From 15975b85a112a3a622d4350e4a95c15a3d58827c Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Sat, 18 Oct 2025 00:36:35 -0500 Subject: [PATCH 38/42] Add malicious package entry: src_index_ts Signed-off-by: Chi Tran --- .../npm/src_index_ts/MAL-0000-srcindexts.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/src_index_ts/MAL-0000-srcindexts.json 
diff --git a/osv/malicious/npm/src_index_ts/MAL-0000-srcindexts.json b/osv/malicious/npm/src_index_ts/MAL-0000-srcindexts.json new file mode 100644 index 0000000000..4a16cfa5fe --- /dev/null +++ b/osv/malicious/npm/src_index_ts/MAL-0000-srcindexts.json @@ -0,0 +1,34 @@ +{ + "modified": "2025-10-18T05:36:35.010Z", + "published": "2025-10-18T05:36:35.010Z", + "schema_version": "1.5.0", + "summary": "Malicious code in src_index_ts package (npm)", + "details": "The package communicates with a domain associated with malicious activity.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "src_index_ts" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "8.0.5" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file From f3976fb2dccfd6dee708f7b4c9399175a53c450f Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Sat, 18 Oct 2025 00:37:49 -0500 Subject: [PATCH 39/42] Add malicious package entry: src_components_ibtdetail_index_tsx Signed-off-by: Chi Tran --- ...L-0000-srccomponentsibtdetailindextsx.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/src_components_ibtdetail_index_tsx/MAL-0000-srccomponentsibtdetailindextsx.json diff --git a/osv/malicious/npm/src_components_ibtdetail_index_tsx/MAL-0000-srccomponentsibtdetailindextsx.json b/osv/malicious/npm/src_components_ibtdetail_index_tsx/MAL-0000-srccomponentsibtdetailindextsx.json new file mode 100644 index 0000000000..0b7f45a346 --- /dev/null +++ b/osv/malicious/npm/src_components_ibtdetail_index_tsx/MAL-0000-srccomponentsibtdetailindextsx.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-18T05:37:49.167Z", + "published": "2025-10-18T05:37:49.167Z", + "schema_version": "1.5.0", + "summary": "Malicious code in src_components_ibtdetail_index_tsx package (npm)", + "details": "The package communicates with a domain associated with malicious activity.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "src_components_ibtdetail_index_tsx" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "9.8.5" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file From 772a018d53a551d9a2886c83325dd69e76664516 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Sat, 18 Oct 2025 00:38:04 -0500 Subject: [PATCH 40/42] Add malicious package entry: test-postinstall-package-for-ctf-nfrejnfvjenjner Signed-off-by: Chi Tran --- ...stall-package-for-ctf-nfrejnfvjenjner.json | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 osv/malicious/npm/test-postinstall-package-for-ctf-nfrejnfvjenjner/MAL-0000-test-postinstall-package-for-ctf-nfrejnfvjenjner.json diff --git a/osv/malicious/npm/test-postinstall-package-for-ctf-nfrejnfvjenjner/MAL-0000-test-postinstall-package-for-ctf-nfrejnfvjenjner.json b/osv/malicious/npm/test-postinstall-package-for-ctf-nfrejnfvjenjner/MAL-0000-test-postinstall-package-for-ctf-nfrejnfvjenjner.json new file mode 100644 index 0000000000..61498c73e9 --- /dev/null +++ b/osv/malicious/npm/test-postinstall-package-for-ctf-nfrejnfvjenjner/MAL-0000-test-postinstall-package-for-ctf-nfrejnfvjenjner.json 
@@ -0,0 +1,34 @@ +{ + "modified": "2025-10-18T05:38:04.618Z", + "published": "2025-10-18T05:38:04.618Z", + "schema_version": "1.5.0", + "summary": "Malicious code in test-postinstall-package-for-ctf-nfrejnfvjenjner package (npm)", + "details": "The package communicates with a domain associated with malicious activity.", + "affected": [ + { + "package": { + "ecosystem": "npm", + "name": "test-postinstall-package-for-ctf-nfrejnfvjenjner" + }, + "ranges": [ + { + "type": "SEMVER", + "events": [ + { + "introduced": "1.0.0" + } + ] + } + ] + } + ], + "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + } + ] +} \ No newline at end of file From 9093ad10b340b56d371c3c24ce1f949fee038fe5 Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Sat, 18 Oct 2025 00:39:39 -0500 Subject: [PATCH 41/42] Added reports Signed-off-by: Chi Tran --- .../npm/helosifjowe2342/MAL-2025-48451.json | 7 +++++++ .../MAL-0000-srccomponentsibtdetailindextsx.json | 14 +++++++++----- .../MAL-2025-48452.json | 7 +++++++ .../npm/src_index_ts/MAL-0000-srcindexts.json | 14 +++++++++----- .../src_pages_list_index_tsx/MAL-2025-48453.json | 7 +++++++ ...ostinstall-package-for-ctf-nfrejnfvjenjner.json | 14 +++++++++----- 6 files changed, 48 insertions(+), 15 deletions(-) diff --git a/osv/malicious/npm/helosifjowe2342/MAL-2025-48451.json b/osv/malicious/npm/helosifjowe2342/MAL-2025-48451.json index aeda7cfe0e..52d2417d0b 100644 --- a/osv/malicious/npm/helosifjowe2342/MAL-2025-48451.json +++ b/osv/malicious/npm/helosifjowe2342/MAL-2025-48451.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER", 
diff --git a/osv/malicious/npm/src_components_ibtdetail_index_tsx/MAL-0000-srccomponentsibtdetailindextsx.json b/osv/malicious/npm/src_components_ibtdetail_index_tsx/MAL-0000-srccomponentsibtdetailindextsx.json
index 0b7f45a346..d25f7b824b 100644
--- a/osv/malicious/npm/src_components_ibtdetail_index_tsx/MAL-0000-srccomponentsibtdetailindextsx.json
+++ b/osv/malicious/npm/src_components_ibtdetail_index_tsx/MAL-0000-srccomponentsibtdetailindextsx.json
@@ -1,8 +1,9 @@
 {
- "modified": "2025-10-18T05:37:49.167Z",
- "published": "2025-10-18T05:37:49.167Z",
+ "modified": "2025-10-18T05:37:49Z",
+ "published": "2025-10-18T05:37:49Z",
 "schema_version": "1.5.0",
- "summary": "Malicious code in src_components_ibtdetail_index_tsx package (npm)",
+ "id": "",
+ "summary": "Malicious code in src_components_ibtdetail_index_tsx (npm)",
 "details": "The package communicates with a domain associated with malicious activity.",
 "affected": [
 {
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/src_components_qcreport_index_tsx/MAL-2025-48452.json b/osv/malicious/npm/src_components_qcreport_index_tsx/MAL-2025-48452.json
index c393c4dfd8..9643c675cf 100644
--- a/osv/malicious/npm/src_components_qcreport_index_tsx/MAL-2025-48452.json
+++ b/osv/malicious/npm/src_components_qcreport_index_tsx/MAL-2025-48452.json
@@ -17,6 +17,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
diff --git a/osv/malicious/npm/src_index_ts/MAL-0000-srcindexts.json b/osv/malicious/npm/src_index_ts/MAL-0000-srcindexts.json
index 4a16cfa5fe..5f567c1c04 100644
--- a/osv/malicious/npm/src_index_ts/MAL-0000-srcindexts.json
+++ b/osv/malicious/npm/src_index_ts/MAL-0000-srcindexts.json
@@ -1,8 +1,9 @@
 {
- "modified": "2025-10-18T05:36:35.010Z",
- "published": "2025-10-18T05:36:35.010Z",
+ "modified": "2025-10-18T05:36:35Z",
+ "published": "2025-10-18T05:36:35Z",
 "schema_version": "1.5.0",
- "summary": "Malicious code in src_index_ts package (npm)",
+ "id": "",
+ "summary": "Malicious code in src_index_ts (npm)",
 "details": "The package communicates with a domain associated with malicious activity.",
 "affected": [
 {
@@ -30,5 +31,8 @@
 "actran@amazon.com"
 ]
 }
- ]
-}
\ No newline at end of file
+ ],
+ "database_specific": {
+ "malicious-packages-origins": null
+ }
+}
diff --git a/osv/malicious/npm/src_pages_list_index_tsx/MAL-2025-48453.json b/osv/malicious/npm/src_pages_list_index_tsx/MAL-2025-48453.json
index 407e01308f..59382bf46a 100644
--- a/osv/malicious/npm/src_pages_list_index_tsx/MAL-2025-48453.json
+++ b/osv/malicious/npm/src_pages_list_index_tsx/MAL-2025-48453.json
@@ -17,6 +17,13 @@
 }
 ],
 "credits": [
+ {
+ "name": "Amazon Inspector",
+ "type": "FINDER",
+ "contact": [
+ "actran@amazon.com"
+ ]
+ },
 {
 "name": "OpenSSF: Package Analysis",
 "type": "FINDER",
diff --git a/osv/malicious/npm/test-postinstall-package-for-ctf-nfrejnfvjenjner/MAL-0000-test-postinstall-package-for-ctf-nfrejnfvjenjner.json b/osv/malicious/npm/test-postinstall-package-for-ctf-nfrejnfvjenjner/MAL-0000-test-postinstall-package-for-ctf-nfrejnfvjenjner.json
index 61498c73e9..3a277b3aa8 100644
--- a/osv/malicious/npm/test-postinstall-package-for-ctf-nfrejnfvjenjner/MAL-0000-test-postinstall-package-for-ctf-nfrejnfvjenjner.json
+++ b/osv/malicious/npm/test-postinstall-package-for-ctf-nfrejnfvjenjner/MAL-0000-test-postinstall-package-for-ctf-nfrejnfvjenjner.json
@@ -1,8 +1,9 @@ { - "modified": "2025-10-18T05:38:04.618Z", - "published": "2025-10-18T05:38:04.618Z", + "modified": "2025-10-18T05:38:04Z", + "published": "2025-10-18T05:38:04Z", "schema_version": "1.5.0", - "summary": "Malicious code in test-postinstall-package-for-ctf-nfrejnfvjenjner package (npm)", + "id": "", + "summary": "Malicious code in test-postinstall-package-for-ctf-nfrejnfvjenjner (npm)", "details": "The package communicates with a domain associated with malicious activity.", "affected": [ { @@ -30,5 +31,8 @@ "actran@amazon.com" ] } - ] -} \ No newline at end of file + ], + "database_specific": { + "malicious-packages-origins": null + } +} From b11b48ddf713f30ac2c0a8bb560d309e4c118bae Mon Sep 17 00:00:00 2001 From: Chi Tran Date: Sat, 18 Oct 2025 01:25:18 -0500 Subject: [PATCH 42/42] Merged reports Signed-off-by: Chi Tran --- osv/malicious/npm/rainbowkit-next-app/MAL-2025-48454.json | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/osv/malicious/npm/rainbowkit-next-app/MAL-2025-48454.json b/osv/malicious/npm/rainbowkit-next-app/MAL-2025-48454.json index 7b1f9f6676..261284287f 100644 --- a/osv/malicious/npm/rainbowkit-next-app/MAL-2025-48454.json +++ b/osv/malicious/npm/rainbowkit-next-app/MAL-2025-48454.json @@ -17,6 +17,13 @@ } ], "credits": [ + { + "name": "Amazon Inspector", + "type": "FINDER", + "contact": [ + "actran@amazon.com" + ] + }, { "name": "OpenSSF: Package Analysis", "type": "FINDER",