From 8b976ddfcca8fbb4225f4c29353df7da4315407a Mon Sep 17 00:00:00 2001
From: poppysec
Date: Thu, 9 Jan 2025 17:24:43 +0000
Subject: [PATCH] Add report for hardhat-dotenv
Signed-off-by: poppysec
---
.../MAL-0000-hardhat-dotenv.json | 29 +++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100644 osv/malicious/npm/hardhat-dotenv/MAL-0000-hardhat-dotenv.json
diff --git a/osv/malicious/npm/hardhat-dotenv/MAL-0000-hardhat-dotenv.json b/osv/malicious/npm/hardhat-dotenv/MAL-0000-hardhat-dotenv.json
new file mode 100644
index 0000000000..f77b664935
--- /dev/null
+++ b/osv/malicious/npm/hardhat-dotenv/MAL-0000-hardhat-dotenv.json
@@ -0,0 +1,29 @@
+{
+ "modified": "2025-01-09T17:22:47.785671Z",
+ "published": "2025-01-09T17:22:47.785671Z",
+ "schema_version": "1.5.0",
+ "id": "",
+ "summary": "Malicious code in hardhat-dotenv (npm)",
+ "details": "The package contains code to exfiltrate environment variables to an attacker-controlled server.",
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "npm",
+ "name": "hardhat-dotenv"
+ },
+ "versions": [
+ "16.4.8",
+ "16.4.7"
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "name": "Stacklok Insight: insight.stacklok.com",
+ "type": "FINDER",
+ "contact": [
+ "https://discord.com/invite/RkzVuTp3WK"
+ ]
+ }
+ ]
+}
\ No newline at end of file
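Review bot: The `details` string says environment variables are sent to an attacker-controlled server, but the record has no `references` array and names no indicator, so someone who installed 16.4.7 or 16.4.8 cannot tell from this entry what to look for in egress logs or how to confirm the finding. I would add a link to the published analysis, e.g. `"references": [{"type": "REPORT", "url": "<URL of the published analysis>"}]`, and say in `details` where the code runs (install script or on import) if that is known. The `versions` array lists two releases explicitly; if every published release of the package is malicious, a later upload would not match this record, and a `ranges` entry with an `{"introduced": "0"}` event would cover it. The file also ends without a trailing newline.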