MAL-2025-192284

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/elf-stats-sprucey-fireplace-355/MAL-2025-192284.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-192284
Published
2025-12-03T19:45:17Z
Modified
2025-12-03T20:21:01.476864Z
Summary
Malicious code in elf-stats-sprucey-fireplace-355 (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (164ecc7e7d859834f4c5c8e0da6104968a639d74eb7f89af69b1e593e4a01207)

The package elf-stats-sprucey-fireplace-355 was found to contain malicious code.

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "1.0.4"
            ],
            "import_time": "2025-12-03T20:08:32.983656302Z",
            "modified_time": "2025-12-03T19:45:17Z",
            "sha256": "164ecc7e7d859834f4c5c8e0da6104968a639d74eb7f89af69b1e593e4a01207",
            "source": "amazon-inspector"
        },
        {
            "versions": [
                "1.0.5"
            ],
            "import_time": "2025-12-03T20:08:33.208071925Z",
            "modified_time": "2025-12-03T19:50:08Z",
            "sha256": "1f396e4713f7975deef094cd96dd48a791f2d1c5e66d67d2cb844a78746b7d4a",
            "source": "amazon-inspector"
        }
    ]
}
References
Credits

Affected packages

npm / elf-stats-sprucey-fireplace-355

Package

Name
elf-stats-sprucey-fireplace-355
View open source insights on deps.dev
Purl
pkg:npm/elf-stats-sprucey-fireplace-355

Affected ranges

Affected versions

1.*
1.0.4
1.0.5

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/elf-stats-sprucey-fireplace-355/MAL-2025-192284.json"