MAL-2025-191586
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/session-validate/MAL-2025-191586.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2025-191586
- Aliases
-
- SNYK-JS-SESSIONVALIDATE-14152304
- Published
- 2025-12-01T13:25:08Z
- Modified
- 2026-03-19T12:48:09.427888Z
- Summary
- Malicious code in session-validate (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (91001b31023cb6f1a30d084b1c484e703936c4378ac7b76fc85dd023771cd8d2)
The package session-validate was found to contain malicious code.
- Database specific
{ "malicious-packages-origins": [ { "modified_time": "2025-12-01T13:25:08Z", "source": "reversing-labs", "import_time": "2025-12-02T09:09:53.847815103Z", "id": "RLMA-2025-05943", "versions": [ "2.2.4", "2.2.6" ], "sha256": "bff5ac17a2607f91faa5d24a60de6aa603dfee3517d8e626394260e6a4ab5f9b" }, { "source": "amazon-inspector", "import_time": "2025-12-02T21:35:52.34952924Z", "modified_time": "2025-12-02T21:11:00Z", "versions": [ "2.2.4", "2.2.6" ], "sha256": "91001b31023cb6f1a30d084b1c484e703936c4378ac7b76fc85dd023771cd8d2" }, { "source": "reversing-labs", "import_time": "2025-12-24T10:07:35.622671744Z", "id": "RLUA-2025-06480", "modified_time": "2025-12-23T08:30:14Z", "sha256": "2baff92083ec620c268cc5f62644cfed43b773f115adb70f916c87ac5f7ff0a1" }, { "source": "reversing-labs", "import_time": "2026-03-19T12:20:59.706665894Z", "id": "RLUA-2026-01561", "modified_time": "2026-03-18T13:09:06Z", "sha256": "9ce1b0f141873cb25e0a971b603b10b1b840dc92824a6a40884d7600f7a82a30" } ] }- References
- Credits
-
-
- Amazon Inspector - FINDER
-
- ReversingLabs - FINDER
-
Affected packages
npm / session-validate
Package
- Name
- session-validate
- View open source insights on deps.dev
- Purl
- pkg:npm/session-validate