MAL-2024-6584

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/aliyun_push/MAL-2024-6584.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2024-6584
Published
2024-06-25T13:48:02Z
Modified
2024-10-24T01:02:00Z
Summary
Malicious code in aliyun_push (RubyGems)
Details

-= Per source details. Do not edit below this line.=-

Database specific 
{
    "malicious-packages-origins": [
        {
            "versions": [
                "0.1.0"
            ],
            "modified_time": "2024-06-25T13:48:02Z",
            "id": "RLMA-2024-05390",
            "import_time": "2024-06-28T02:51:55.227200215Z",
            "sha256": "f92a24c81d59c478c8efea52d73be8c35b514d481d654260ea52289ed5acc775",
            "source": "reversing-labs"
        },
        {
            "modified_time": "2024-10-16T14:59:06Z",
            "id": "RLUA-2024-09909",
            "import_time": "2024-10-24T01:00:52.440300292Z",
            "sha256": "dbf4cda5bdc07ddcd01384daab9c8abb048fd9c2b1bb2d7ad652199bba946b60",
            "source": "reversing-labs"
        }
    ]
}
References
Credits

Affected packages

RubyGems / aliyun_push

Package

Name
aliyun_push
Purl
pkg:gem/aliyun_push

Affected ranges

Affected versions

0.*

0.1.0

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/aliyun_push/MAL-2024-6584.json"