MAL-2025-4167

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/calling-extensions-sdk-demo-minimal-js/MAL-2025-4167.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-4167
Published
2025-05-22T12:41:33Z
Modified
2025-05-22T12:41:33Z
Summary
Malicious code in calling-extensions-sdk-demo-minimal-js (npm)
Details

-= Per source details. Do not edit below this line.=-

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "4f0096d17dd87cb6a5ece4c60a70d7b6237c785406697fc372bee9d38f47f4e0",
            "id": "RLMA-2025-02710",
            "import_time": "2025-05-22T14:06:46.835699851Z",
            "modified_time": "2025-05-22T12:41:33Z",
            "versions": [
                "1.1.0"
            ],
            "source": "reversing-labs"
        }
    ]
}
References
Credits

Affected packages

npm / calling-extensions-sdk-demo-minimal-js

Package

Name
calling-extensions-sdk-demo-minimal-js
View open source insights on deps.dev
Purl
pkg:npm/calling-extensions-sdk-demo-minimal-js

Affected ranges

Affected versions

1.*
1.1.0

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/calling-extensions-sdk-demo-minimal-js/MAL-2025-4167.json"