Ecosystem	Package	Version

Vulnerabilities

sonatype-2025-004311

sonatype-2025-004311

Malicious Packages - Tue Oct 28 2025 [Info Stealer]

Published Oct 28, 2025

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49283.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49284.json

CVSS ScoreMedium

5.3

Ecosystem	Package	Version


npm	gel-gss	100.1.1
npm	gel-gss	99.9.0
npm	gel-gss	99.9.9
npm	gel-iconfont	100.1.1
npm	gel-iconfont	99.9.10
npm	gel-iconfont	99.9.9

sonatype-2025-004311 | Components Impacted | Sonatype Guide | Sonatype Guide