MAL-2024-5350

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/manyhttps/MAL-2024-5350.json

JSON Data

https://api.test.osv.dev/v1/vulns/MAL-2024-5350

Published

2024-06-25T13:37:08Z

Modified

2024-10-24T01:01:58Z

Summary

Malicious code in manyhttps (PyPI)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "66a4b0c8be57aa76fd1cbaf8492873bf574484d333d940989c3b3135f188c2df",
            "import_time": "2024-06-28T02:49:24.501763188Z",
            "versions": [
                "2.33.12",
                "2.33.1",
                "2.33.9",
                "2.33.13",
                "2.33.10",
                "2.33.11",
                "2.33.7",
                "2.33.8"
            ],
            "id": "RLMA-2024-04132",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:37:08Z"
        },
        {
            "sha256": "e87e73eff7369593f29af68c594d4b55f1784a9489efdca048c6e3835a494b74",
            "import_time": "2024-10-24T00:59:26.427997282Z",
            "id": "RLUA-2024-08497",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T14:43:30Z"
        }
    ]
}

References

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / manyhttps

Package

Name: manyhttps; View open source insights on deps.dev
Purl: pkg:pypi/manyhttps

Affected ranges

Affected versions

2.*

2.33.1

2.33.7

2.33.8

2.33.9

2.33.10

2.33.11

2.33.12

2.33.13