MAL-2024-10224

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/znowflake_client/MAL-2024-10224.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2024-10224
Published
2024-10-16T15:05:10Z
Modified
2024-12-09T14:39:23Z
Summary
Malicious code in znowflake_client (RubyGems)
Details

-= Per source details. Do not edit below this line.=-

Database specific 
{
    "malicious-packages-origins": [
        {
            "modified_time": "2024-10-16T15:05:10Z",
            "import_time": "2024-10-24T00:57:13.234294567Z",
            "versions": [
                "1.1.1",
                "1.1.2",
                "1.1.3",
                "1.1.4",
                "1.1.5",
                "1.1.6",
                "1.1.7",
                "1.1.8",
                "1.1.9",
                "2.0.0",
                "2.1.0"
            ],
            "id": "RLMA-2024-10375",
            "source": "reversing-labs",
            "sha256": "3cfea6ca7519bc610003f8cc86f57732ae75ecc8fe7c093a242f67c250d6d1e6"
        },
        {
            "modified_time": "2024-12-09T06:51:37Z",
            "import_time": "2024-12-09T14:38:54.048369831Z",
            "id": "RLUA-2024-11218",
            "source": "reversing-labs",
            "sha256": "68dac0e7a16edcb59cf6c6606310372de40db78b2501b9227e7d80434c2530af"
        }
    ]
}
References
Credits

Affected packages

RubyGems / znowflake_client

Package

Name
znowflake_client
Purl
pkg:gem/znowflake_client

Affected ranges

Affected versions

1.*

1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.7
1.1.8
1.1.9

2.*

2.0.0
2.1.0