MAL-2025-41558

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ethrs.js/MAL-2025-41558.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-41558
Aliases
  • SNYK-JS-ETHRSJS-13561266
Published
2025-08-28T07:27:59Z
Modified
2025-12-02T10:14:46.269811Z
Summary
Malicious code in ethrs.js (npm)
Details

-= Per source details. Do not edit below this line.=-

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "b45cdcbd39bd0cdee445bc6a6060055fdcac612745353568580aeaccad1ae6f4",
            "id": "RLMA-2025-04520",
            "import_time": "2025-08-29T06:42:21.339037963Z",
            "modified_time": "2025-08-28T07:27:59Z",
            "versions": [
                "1.0.2"
            ],
            "source": "reversing-labs"
        },
        {
            "sha256": "d73c83887a441a8be9a5df0e05f98adcc36fb41324fbc22e92787ab1e4707f58",
            "id": "RLUA-2025-05791",
            "import_time": "2025-12-02T09:10:04.725159841Z",
            "modified_time": "2025-12-01T13:10:42Z",
            "source": "reversing-labs"
        }
    ]
}
References
Credits

Affected packages

npm / ethrs.js

Package

Affected ranges

Affected versions

1.*
1.0.2

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ethrs.js/MAL-2025-41558.json"