MAL-2024-6772

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/belong_plugin-rds-pgsql-log/MAL-2024-6772.json

JSON Data

https://api.test.osv.dev/v1/vulns/MAL-2024-6772

Published

2024-06-25T13:49:43Z

Modified

2024-10-24T01:02:00Z

Summary

Malicious code in belong_plugin-rds-pgsql-log (RubyGems)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "5eb659747d11117b89c2c33af9cc5b0e492ff01db9d3d744ed925aad981decb6",
            "id": "RLMA-2024-05578",
            "versions": [
                "0.3.2"
            ],
            "modified_time": "2024-06-25T13:49:43Z",
            "source": "reversing-labs",
            "import_time": "2024-06-28T02:52:17.23853549Z"
        },
        {
            "sha256": "f42e73e2b2f9c95369b798743dde3ce1060af7c70eaaf12a431b884e386920d1",
            "id": "RLUA-2024-10097",
            "modified_time": "2024-10-16T15:01:36Z",
            "source": "reversing-labs",
            "import_time": "2024-10-24T01:01:06.375047865Z"
        }
    ]
}

References

https://blog.reversinglabs.com/blog/mining-for-malicious-ruby-gems

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

RubyGems / belong_plugin-rds-pgsql-log

Package

Name: belong_plugin-rds-pgsql-log
Purl: pkg:gem/belong_plugin-rds-pgsql-log

Affected ranges

Affected versions

0.*

0.3.2