MAL-2025-3511

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/test-kaks3c/MAL-2025-3511.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-3511
Published
2025-04-23T16:21:12Z
Modified
2025-04-29T00:50:22Z
Summary
Malicious code in test-kaks3c (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (591289fef82efe1b6a54e8948561a76e1e42addd4e1b62fe61364c894640b6b9)

The OpenSSF Package Analysis project identified 'test-kaks3c' @ 10.0.4 (npm) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.

  • The package executes one or more commands associated with malicious behavior.

Database specific 
{
    "malicious-packages-origins": [
        {
            "import_time": "2025-04-29T00:49:53.13449949Z",
            "source": "ossf-package-analysis",
            "modified_time": "2025-04-23T16:26:07Z",
            "versions": [
                "10.0.4"
            ],
            "sha256": "591289fef82efe1b6a54e8948561a76e1e42addd4e1b62fe61364c894640b6b9"
        },
        {
            "import_time": "2025-04-29T00:49:53.014590939Z",
            "source": "ossf-package-analysis",
            "modified_time": "2025-04-23T16:21:12Z",
            "versions": [
                "10.0.3"
            ],
            "sha256": "a306da603193d1a99a0db23736774f97cc21f188b2a386574dd0c88b285ae54a"
        }
    ]
}
References
Credits

Affected packages

npm / test-kaks3c

Package

Name
test-kaks3c
View open source insights on deps.dev
Purl
pkg:npm/test-kaks3c

Affected ranges

Affected versions

10.*

10.0.3
10.0.4