{"id":"MAL-2025-48352","summary":"Malicious code in @igh/server-updater-ssh-l2 (npm)","details":"The package contains malicious code.","modified":"2025-10-04T01:46:51Z","published":"2025-10-04T01:46:51Z","database_specific":{"malicious-packages-origins":null},"affected":[{"package":{"name":"@igh/server-updater-ssh-l2","ecosystem":"npm","purl":"pkg:npm/%40igh/server-updater-ssh-l2"},"versions":["1.2.18"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@igh/server-updater-ssh-l2/MAL-2025-48352.json","cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}]}}],"schema_version":"1.7.3","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}