MAL-2025-2876

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ethers-providerz/MAL-2025-2876.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-2876
Published
2025-03-28T12:45:51Z
Modified
2025-12-24T10:27:24.205710Z
Summary
Malicious code in ethers-providerz (npm)
Details

-= Per source details. Do not edit below this line.=-

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "df855792893fb129bf3035f911d6b194370db8d09d97a32ff0fa62e445e114d6",
            "id": "RLMA-2025-01524",
            "source": "reversing-labs",
            "import_time": "2025-03-31T07:06:55.256512961Z",
            "modified_time": "2025-03-28T12:45:51Z",
            "versions": [
                "1.16.0",
                "1.17.0",
                "1.18.0"
            ]
        },
        {
            "id": "RLUA-2025-06350",
            "source": "reversing-labs",
            "import_time": "2025-12-24T10:07:34.68317198Z",
            "modified_time": "2025-12-23T08:13:00Z",
            "sha256": "5255fb7df5589aef34e40c718ad24aa4aa386bdfe49a57bcfbaddc558cdaac14"
        }
    ]
}
References
Credits

Affected packages

npm / ethers-providerz

Package

Affected ranges

Affected versions

1.*
1.16.0
1.17.0
1.18.0

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ethers-providerz/MAL-2025-2876.json"