MAL-2025-192926
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@airtel-web/clickstream/MAL-2025-192926.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MAL-2025-192926
- Published
- 2025-12-24T12:20:46Z
- Modified
- 2025-12-24T13:31:52.785478Z
- Summary
- Malicious code in @airtel-web/clickstream (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (01e00e18f6d4edf8b857146fac8bf3a107ac53562eecd944835eb66901103b6a)
The OpenSSF Package Analysis project identified '@airtel-web/clickstream' @ 99.0.3 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
- Database specific
{ "malicious-packages-origins": [ { "modified_time": "2025-12-24T12:20:46Z", "source": "ossf-package-analysis", "sha256": "01e00e18f6d4edf8b857146fac8bf3a107ac53562eecd944835eb66901103b6a", "versions": [ "99.0.3" ], "import_time": "2025-12-24T12:48:01.121802034Z" }, { "modified_time": "2025-12-24T12:37:05Z", "source": "ossf-package-analysis", "sha256": "1e5ad1cdfb7e036af82eb1c5b75350407e17170dd2590d7de5df98ecc1287428", "versions": [ "99.0.5" ], "import_time": "2025-12-24T12:48:01.207165876Z" }, { "modified_time": "2025-12-24T12:45:41Z", "source": "ossf-package-analysis", "sha256": "618afd33da6048e6ea3349b82b9a37f6fe43806451403c33423d438aca681921", "versions": [ "99.0.6" ], "import_time": "2025-12-24T12:48:01.297821354Z" }, { "modified_time": "2025-12-24T12:55:35Z", "source": "ossf-package-analysis", "sha256": "1fc8b7e4d78fccca8bcde81c42f93e562ca4f66df3571e8592cd0e584b779d24", "versions": [ "99.0.7" ], "import_time": "2025-12-24T13:15:50.19437198Z" } ] }- References
-
- Credits
-
-
- OpenSSF: Package Analysis - FINDER
-
Affected packages
npm / @airtel-web/clickstream
Package
- Name
- @airtel-web/clickstream
- View open source insights on deps.dev
- Purl
- pkg:npm/%40airtel-web/clickstream