MAL-2025-192213

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/elf-stats-gingersnap-ornament-469/MAL-2025-192213.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-192213
Published
2025-12-03T17:22:10Z
Modified
2025-12-24T00:22:47.140454Z
Summary
Malicious code in elf-stats-gingersnap-ornament-469 (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (614eb8032e990001291f71c26e03c122f5db83f846d6fa385840f6952cdd7ba4)

The package elf-stats-gingersnap-ornament-469 was found to contain malicious code.

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "614eb8032e990001291f71c26e03c122f5db83f846d6fa385840f6952cdd7ba4",
            "import_time": "2025-12-03T17:40:19.816503919Z",
            "modified_time": "2025-12-03T17:22:10Z",
            "source": "amazon-inspector",
            "versions": [
                "9.0.0",
                "9.0.1",
                "9.1.1",
                "9.2.1"
            ]
        },
        {
            "versions": [
                "9.0.0",
                "9.0.1",
                "9.1.1",
                "9.2.1"
            ],
            "sha256": "75154c44253887a14d5bf6c28634e6569d150b4835138a64644d82d6ccce4324",
            "import_time": "2025-12-23T20:07:23.303845991Z",
            "modified_time": "2025-12-23T08:08:15Z",
            "id": "RLMA-2025-06205",
            "source": "reversing-labs"
        }
    ]
}
References
Credits

Affected packages

npm / elf-stats-gingersnap-ornament-469

Package

Name
elf-stats-gingersnap-ornament-469
View open source insights on deps.dev
Purl
pkg:npm/elf-stats-gingersnap-ornament-469

Affected ranges

Affected versions

9.*
9.0.0
9.0.1
9.1.1
9.2.1

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/elf-stats-gingersnap-ornament-469/MAL-2025-192213.json"