MAL-2025-1541

Import Source

JSON Data

https://api.osv.dev/v1/vulns/MAL-2025-1541

Published

2025-02-23T05:16:15Z

Modified

2025-02-23T05:16:15Z

Summary

Malicious code in charts-e2e (npm)

Details

This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain.

Database specific

{
    "malicious-packages-origins": null
}

References

Credits

- GitHax - Software Supply Chain Threat Intelligence - FINDER
- - https://githax.com

Affected packages

1.0.0