MAL-2025-41549

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ddok-escapes/MAL-2025-41549.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-41549
Aliases
  • SNYK-JS-DDOKESCAPES-13561251
Published
2025-08-28T07:25:17Z
Modified
2025-12-02T10:14:45.696490Z
Summary
Malicious code in ddok-escapes (npm)
Details

-= Per source details. Do not edit below this line.=-

Database specific 
{
    "malicious-packages-origins": [
        {
            "import_time": "2025-08-29T06:42:18.850029499Z",
            "modified_time": "2025-08-28T07:25:17Z",
            "source": "reversing-labs",
            "sha256": "d806f67302a11d1053127d8c0c0a671264235880bdd8c660d850f4822d5451e4",
            "id": "RLMA-2025-04498",
            "versions": [
                "4.3.2",
                "4.3.3",
                "4.3.4",
                "4.3.5",
                "4.3.6"
            ]
        },
        {
            "import_time": "2025-09-26T11:06:11.730824857Z",
            "modified_time": "2025-09-26T09:27:48Z",
            "source": "reversing-labs",
            "sha256": "09a058c870df140549ed4ccff2a95bc57c703eaf36b3548534e614c40ce53027",
            "id": "RLUA-2025-04985",
            "versions": [
                "4.3.7"
            ]
        },
        {
            "import_time": "2025-12-02T09:10:03.154485352Z",
            "modified_time": "2025-12-01T13:06:45Z",
            "source": "reversing-labs",
            "sha256": "25f502e5a0a977a490a0215143d626e2ec8b6c604fa50ba4f7cf6a4ae0d7b06d",
            "id": "RLUA-2025-05718"
        }
    ]
}
References
Credits

Affected packages

npm / ddok-escapes

Package

Name
ddok-escapes
View open source insights on deps.dev
Purl
pkg:npm/ddok-escapes

Affected ranges

Affected versions

4.*
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.3.7

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ddok-escapes/MAL-2025-41549.json"