MAL-2024-5646

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/pybowl/MAL-2024-5646.json

JSON Data

https://api.test.osv.dev/v1/vulns/MAL-2024-5646

Published

2024-06-25T13:39:29Z

Modified

2024-10-24T01:01:59Z

Summary

Malicious code in pybowl (PyPI)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "1f07bf489ec894ec4fd8d56a8c7676d76e69105bc3090fe0b441659614d63f66",
            "import_time": "2024-06-28T02:49:59.060659335Z",
            "versions": [
                "1.0.4",
                "1.0.1",
                "1.0.3"
            ],
            "id": "RLMA-2024-04428",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:39:29Z"
        },
        {
            "sha256": "2ed357e130eb3fe712af2775b888af5b47ae15ed7f46d907720e1b102e8bd638",
            "import_time": "2024-10-24T00:59:46.745117606Z",
            "id": "RLUA-2024-08864",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T14:47:14Z"
        }
    ]
}

References

https://github.com/DataDog/malicious-software-packages-dataset

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / pybowl

Package

Name: pybowl; View open source insights on deps.dev
Purl: pkg:pypi/pybowl

Affected ranges

Affected versions

1.*

1.0.1

1.0.3

1.0.4