{"id":"MAL-2025-41263","summary":"Malicious code in sdp-transform-parser (npm)","details":"The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (d6f0bf5deb53b6f1424914462ad86d16738a1118a744d709e3e37abaf8907134)\nThe OpenSSF Package Analysis project identified 'sdp-transform-parser' @ 99.99.100 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2025-09-26T11:06:45Z","published":"2025-08-21T18:55:55Z","database_specific":{"malicious-packages-origins":[{"source":"ossf-package-analysis","import_time":"2025-08-22T02:34:57.297714407Z","modified_time":"2025-08-22T01:55:52Z","versions":["99.99.100"],"sha256":"d6f0bf5deb53b6f1424914462ad86d16738a1118a744d709e3e37abaf8907134"},{"source":"ossf-package-analysis","import_time":"2025-08-23T05:35:59.404069188Z","modified_time":"2025-08-23T05:35:43Z","versions":["9999.0.2"],"sha256":"438899bb3957f0a67048b52b32607a1e4e8a954434c0e5482b4a30e336e09641"},{"source":"ossf-package-analysis","import_time":"2025-08-23T05:35:59.152643163Z","modified_time":"2025-08-23T05:10:45Z","versions":["9999.0.0"],"sha256":"ac6c9f7bd8d683d0ac227cc4cc38fce0cfb726fb6f69577f49e26ba282dfbbb1"},{"source":"ossf-package-analysis","import_time":"2025-08-23T05:35:59.280936963Z","modified_time":"2025-08-23T05:30:38Z","versions":["9999.0.1"],"sha256":"bdbadf924620c79652d50ccedd3ddbc5f1a6dbe501c03f5dc79697404147ba08"},{"source":"reversing-labs","import_time":"2025-09-26T11:06:03.471102247Z","modified_time":"2025-09-26T09:43:19Z","sha256":"661e3decfcbcead3d43fa8a310a39e36907cd561dcbab79724141d6369ead777","versions":["99.99.99","99.99.100","9999.0.0","9999.0.1","9999.0.2"],"id":"RLMA-2025-05148"}]},"affected":[{"package":{"name":"sdp-transform-parser","ecosystem":"npm","purl":"pkg:npm/sdp-transform-parser"},"ranges":[{"type":"SEMVER","events":[{"introduced":"99.99.99"}]}],"versions":["99.99.100","9999.0.2","9999.0.0","9999.0.1","99.99.99"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/sdp-transform-parser/MAL-2025-41263.json"}}],"schema_version":"1.7.3","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}