MAL-2024-6029

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/sparkk/MAL-2024-6029.json

JSON Data

https://api.test.osv.dev/v1/vulns/MAL-2024-6029

Published

2024-06-25T13:42:44Z

Modified

2024-10-24T01:01:59Z

Summary

Malicious code in sparkk (PyPI)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "29bd8dc70259d74ab5d3bdd13b4d056581ee75ae9d30adffc3abb35793e2e0de",
            "import_time": "2024-06-28T02:50:47.721237285Z",
            "versions": [
                "3.0.1"
            ],
            "id": "RLMA-2024-04832",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:42:44Z"
        },
        {
            "sha256": "50cbd1cb2bc28c2a24bea791d0cee645c46c923d047e849edc95b8b730f7cc0b",
            "import_time": "2024-10-24T01:00:12.747840522Z",
            "id": "RLUA-2024-09298",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T14:51:40Z"
        }
    ]
}

References

https://blog.virustotal.com/2023/06/inside-of-wasps-nest-deep-dive-into.html

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / sparkk

Package

Name: sparkk; View open source insights on deps.dev
Purl: pkg:pypi/sparkk

Affected ranges

Affected versions

3.*

3.0.1