{"id":"MAL-2025-47896","summary":"Malicious code in @igh/server-updater-ssh-l1 (npm)","details":"The package contains malicious code.","modified":"2025-10-02T05:54:20Z","published":"2025-10-02T05:54:20Z","database_specific":{"malicious-packages-origins":null},"affected":[{"package":{"name":"@igh/server-updater-ssh-l1","ecosystem":"npm","purl":"pkg:npm/%40igh/server-updater-ssh-l1"},"versions":["1.2.17"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@igh/server-updater-ssh-l1/MAL-2025-47896.json","cwes":[{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."}]}}],"schema_version":"1.7.3","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}