MAL-2024-5609

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/py-cordw/MAL-2024-5609.json

JSON Data

https://api.test.osv.dev/v1/vulns/MAL-2024-5609

Aliases

SNYK-PYTHON-PYCORDW-6513197

Published

2024-06-25T13:39:12Z

Modified

2024-10-24T01:01:59Z

Summary

Malicious code in py-cordw (PyPI)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "import_time": "2024-06-28T02:49:54.675741369Z",
            "source": "reversing-labs",
            "versions": [
                "1.0.0"
            ],
            "modified_time": "2024-06-25T13:39:12Z",
            "id": "RLMA-2024-04391",
            "sha256": "8bc4d8e388a8f1b4f8223809d7f580a52b523f29335754dc68b8c024634e6692"
        },
        {
            "import_time": "2024-10-24T00:59:44.321940681Z",
            "source": "reversing-labs",
            "sha256": "1cbac70c82028011a45b4de329ef591e6bc58e678be410117c654b0d4fbc0b72",
            "modified_time": "2024-10-16T14:46:50Z",
            "id": "RLUA-2024-08824"
        }
    ]
}

References

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / py-cordw

Package

Name: py-cordw; View open source insights on deps.dev
Purl: pkg:pypi/py-cordw

Affected ranges

Affected versions

1.*

1.0.0