MAL-2026-2335

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/azurestack-common/MAL-2026-2335.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2026-2335

Published

2026-03-24T15:38:26Z

Modified

2026-04-07T14:49:07.027882Z

Summary

Malicious code in azurestack-common (npm)

Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (500acb5021d6cc7c40146b6b6f8fd17563f17b68d95e52d78a749514b839cba3)

The package azurestack-common was found to contain malicious code.

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "789843607dcf3852cf649e1c9eb6bd474749ecb653a97205a8f142a710946424",
            "import_time": "2026-04-01T12:26:06.677966976Z",
            "modified_time": "2026-03-24T15:38:26Z",
            "versions": [
                "1.0.1",
                "1.0.2"
            ],
            "id": "RLMA-2026-01712",
            "source": "reversing-labs"
        },
        {
            "sha256": "500acb5021d6cc7c40146b6b6f8fd17563f17b68d95e52d78a749514b839cba3",
            "import_time": "2026-04-07T14:39:26.55229992Z",
            "modified_time": "2026-04-07T14:24:50Z",
            "versions": [
                "1.0.1",
                "1.0.2"
            ],
            "source": "amazon-inspector"
        }
    ]
}

References

Credits

- Amazon Inspector - FINDER
- - actran@amazon.com
- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

npm / azurestack-common

Package

Name: azurestack-common; View open source insights on deps.dev
Purl: pkg:npm/azurestack-common

Affected ranges

Affected versions

1.*

1.0.1

1.0.2

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/azurestack-common/MAL-2026-2335.json"