MAL-2025-2891

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/post-comment/MAL-2025-2891.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-2891
Published
2025-03-28T12:54:52Z
Modified
2025-03-28T12:54:52Z
Summary
Malicious code in post-comment (npm)
Details

-= Per source details. Do not edit below this line.=-

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "40163571ce4449d275841aaf668ed24938f68e09c1b97547708ab11ae096edde",
            "id": "RLMA-2025-01711",
            "import_time": "2025-03-31T07:06:58.771515413Z",
            "modified_time": "2025-03-28T12:54:52Z",
            "versions": [
                "2.0.2",
                "2.0.4"
            ],
            "source": "reversing-labs"
        }
    ]
}
References
Credits

Affected packages

npm / post-comment

Package

Affected ranges

Affected versions

2.*
2.0.2
2.0.4

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/post-comment/MAL-2025-2891.json"