MAL-2025-192706

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@ownbackup/ob-query-builder/MAL-2025-192706.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-192706
Published
2025-12-23T07:49:19Z
Modified
2025-12-24T01:13:26.691424Z
Summary
Malicious code in @ownbackup/ob-query-builder (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (8e883403626d57ea766a1c9e33634ceb5558b9293ef87e9fb60ffa6d052e2454)

The package @ownbackup/ob-query-builder was found to contain malicious code.

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "25.0.0"
            ],
            "id": "RLMA-2025-06036",
            "modified_time": "2025-12-23T07:49:19Z",
            "import_time": "2025-12-23T15:39:06.707253586Z",
            "sha256": "e5ea98c5f7d5e4e28ba1b61c78385560d5de72449ef524fded5dd7b8db880fb5",
            "source": "reversing-labs"
        },
        {
            "versions": [
                "25.0.0"
            ],
            "import_time": "2025-12-24T00:51:43.131028184Z",
            "modified_time": "2025-12-24T00:41:11Z",
            "sha256": "8e883403626d57ea766a1c9e33634ceb5558b9293ef87e9fb60ffa6d052e2454",
            "source": "amazon-inspector"
        }
    ]
}
References
Credits

Affected packages

npm / @ownbackup/ob-query-builder

Package

Name
@ownbackup/ob-query-builder
View open source insights on deps.dev
Purl
pkg:npm/%40ownbackup/ob-query-builder

Affected ranges

Affected versions

25.*
25.0.0

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@ownbackup/ob-query-builder/MAL-2025-192706.json"