MAL-2025-192705

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@ownbackup/ob-loader/MAL-2025-192705.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-192705
Published
2025-12-23T07:49:19Z
Modified
2025-12-24T01:13:24.880999Z
Summary
Malicious code in @ownbackup/ob-loader (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (687afc025587f4d90747fd2ebf5cfe350f93f2abc39393f85d07fa96c69161e3)

The package @ownbackup/ob-loader was found to contain malicious code.

Database specific 
{
    "malicious-packages-origins": [
        {
            "import_time": "2025-12-23T15:39:06.614591111Z",
            "modified_time": "2025-12-23T07:49:19Z",
            "source": "reversing-labs",
            "sha256": "b849dd0c72170cb42086db61c4443a739c73973a948f4f6648b9d66f67a70525",
            "id": "RLMA-2025-06035",
            "versions": [
                "25.0.0"
            ]
        },
        {
            "import_time": "2025-12-24T00:51:41.89859949Z",
            "modified_time": "2025-12-24T00:41:11Z",
            "source": "amazon-inspector",
            "sha256": "687afc025587f4d90747fd2ebf5cfe350f93f2abc39393f85d07fa96c69161e3",
            "versions": [
                "25.0.0"
            ]
        }
    ]
}
References
Credits

Affected packages

npm / @ownbackup/ob-loader

Package

Name
@ownbackup/ob-loader
View open source insights on deps.dev
Purl
pkg:npm/%40ownbackup/ob-loader

Affected ranges

Affected versions

25.*
25.0.0

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@ownbackup/ob-loader/MAL-2025-192705.json"