MAL-2025-191562

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@gr-exports/head/MAL-2025-191562.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-191562
Published
2025-12-01T12:57:05Z
Modified
2025-12-02T21:58:30.056272Z
Summary
Malicious code in @gr-exports/head (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (c6888eb30baaf533b512a0914e8563b29f47351f0154432f6c09fc209656ba10)

The package @gr-exports/head was found to contain malicious code.

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "1.0.0",
                "99.0.0"
            ],
            "sha256": "07953a5a160c0fd5a8a6b63a258533cb08c0bdd7a0fcc013475a87035b13756b",
            "modified_time": "2025-12-01T12:57:05Z",
            "source": "reversing-labs",
            "id": "RLMA-2025-05654",
            "import_time": "2025-12-02T09:09:40.308679552Z"
        },
        {
            "versions": [
                "1.0.0",
                "99.0.0"
            ],
            "sha256": "c6888eb30baaf533b512a0914e8563b29f47351f0154432f6c09fc209656ba10",
            "modified_time": "2025-12-02T21:11:00Z",
            "source": "amazon-inspector",
            "import_time": "2025-12-02T21:35:54.402559126Z"
        }
    ]
}
References
Credits

Affected packages

npm / @gr-exports/head

Package

Name
@gr-exports/head
View open source insights on deps.dev
Purl
pkg:npm/%40gr-exports/head

Affected ranges

Affected versions

1.*
1.0.0
99.*
99.0.0

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@gr-exports/head/MAL-2025-191562.json"