{"schema_version":"1.7.3","id":"MAL-2026-1216","published":"2026-03-03T08:21:23Z","modified":"2026-03-08T01:50:36.484687Z","summary":"Malicious code in pdfjs-dist-v5 (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (e5827ccd19d073818da31059d76a725b171d1fc793a4f2591ed0118a35b46c35)\nThe package pdfjs-dist-v5 was found to contain malicious code.\n\n## Source: ossf-package-analysis (ea3eea654406297d9c58cb235af1e0ff5095edde635d85444f41f9189cd2e88f)\nThe OpenSSF Package Analysis project identified 'pdfjs-dist-v5' @ 100.25.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n","affected":[{"package":{"name":"pdfjs-dist-v5","ecosystem":"npm","purl":"pkg:npm/pdfjs-dist-v5"},"versions":["100.25.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/pdfjs-dist-v5/MAL-2026-1216.json"}}],"database_specific":{"malicious-packages-origins":[{"import_time":"2026-03-03T08:47:59.459284827Z","modified_time":"2026-03-03T08:21:23Z","sha256":"ea3eea654406297d9c58cb235af1e0ff5095edde635d85444f41f9189cd2e88f","source":"ossf-package-analysis","versions":["100.25.0"]},{"import_time":"2026-03-08T01:37:57.658186211Z","modified_time":"2026-03-08T01:35:03Z","sha256":"e5827ccd19d073818da31059d76a725b171d1fc793a4f2591ed0118a35b46c35","source":"amazon-inspector","versions":["100.25.0"]}]},"credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}