MAL-2024-8017
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/artifact-lab-3-package-392c6acd/MAL-2024-8017.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MAL-2024-8017
- Published
- 2024-08-11T12:41:52Z
- Modified
- 2024-08-11T20:34:52Z
- Summary
- Malicious code in artifact-lab-3-package-392c6acd (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (d4c793b07be2dd53e55879f61090ae0244bd092188ca1a1ba18a58c0de388536)
The OpenSSF Package Analysis project identified 'artifact-lab-3-package-392c6acd' @ 0.1.25 (pypi) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
- Database specific
{ "malicious-packages-origins": [ { "sha256": "b04b33fa38a07736307a011b99bada5213399f1d9a84780fde87d35379149bf1", "import_time": "2024-08-11T12:42:18.732120667Z", "versions": [ "0.1.0" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T12:41:52Z" }, { "sha256": "0b74db471ed1b0a48a9a884583d6398432acf816731f2e144d4598814448b2a4", "import_time": "2024-08-11T17:04:53.96464405Z", "versions": [ "0.1.1" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T16:38:14Z" }, { "sha256": "426c112a7c094fb4b7fc90c461d9f2e023593baa3237816b0a1f44cf8cf8be05", "import_time": "2024-08-11T17:04:54.126029735Z", "versions": [ "0.1.3" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T17:03:14Z" }, { "sha256": "4919fee24d801edd7b2c72355220531b85d866e2b1d3aa1356ecf96d502a8b3e", "import_time": "2024-08-11T17:04:54.048600736Z", "versions": [ "0.1.2" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T16:48:00Z" }, { "sha256": "25b5dcc0a902ccca0364b1adfeb59dd71e5485619dc57c084a7e96b810437693", "import_time": "2024-08-11T17:34:08.234676408Z", "versions": [ "0.1.4" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T17:05:53Z" }, { "sha256": "2784ad06b515b45eadac59000859f00562435e2830a62576618f67b8c3cfa167", "import_time": "2024-08-11T17:34:08.417219194Z", "versions": [ "0.1.5" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T17:13:23Z" }, { "sha256": "69d61cefcc6cf774c6dbc7b22a839b5d1b0570aa5e7638e13a20c74f7d2aabdd", "import_time": "2024-08-11T17:34:08.552648802Z", "versions": [ "0.1.6" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T17:15:52Z" }, { "sha256": "4a230307d3b2d380899a8523fafbc4ac44f759ba75e0a25ca75380bc5be2017e", "import_time": "2024-08-11T18:06:54.355638215Z", "versions": [ "0.1.12" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T18:03:04Z" }, { "sha256": "577ecfad7e5daa16507b265734ce120b88662f80b2d5c8d61169d4f73564beb9", "import_time": "2024-08-11T18:06:54.293766107Z", "versions": [ "0.1.7" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T17:35:49Z" }, { "sha256": "57fceac19044d46af3355e3a5617cc1a56a692f6202abc04a8991c2c5ce43ba2", "import_time": "2024-08-11T18:36:45.389589094Z", "versions": [ "0.1.14" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T18:15:45Z" }, { "sha256": "15d315e29e9bcef5ba63d05f663989c41e4b2570aab3beffd7144d1b0c9c62af", "import_time": "2024-08-11T19:05:25.403373746Z", "versions": [ "0.1.19" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T18:45:40Z" }, { "sha256": "2c1b0c294adf07378d7fed96f68f02323a7c6a3569ec8accafc3f98c6c2adb18", "import_time": "2024-08-11T19:05:25.476444779Z", "versions": [ "0.1.20" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T18:52:44Z" }, { "sha256": "9ee23078df91fd461e771be515afab61a9d6c027513c36a5eb1c51dd07b1765d", "import_time": "2024-08-11T19:33:47.071986572Z", "versions": [ "0.1.23" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T19:13:53Z" }, { "sha256": "0ed97948981b790fe0e402d2aa9e65e5d7c1f290e5824fe7d8aa65c5b0f8d54e", "import_time": "2024-08-11T20:04:59.875877793Z", "versions": [ "0.1.22" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T19:47:57Z" }, { "sha256": "d2659f4ca23410cba7aedd7a8ed26405749e89f8066157925d130073ccfa7058", "import_time": "2024-08-11T20:04:59.960462161Z", "versions": [ "0.1.24" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T19:55:10Z" }, { "sha256": "d4c793b07be2dd53e55879f61090ae0244bd092188ca1a1ba18a58c0de388536", "import_time": "2024-08-11T20:34:30.619608446Z", "versions": [ "0.1.25" ], "source": "ossf-package-analysis", "modified_time": "2024-08-11T20:05:42Z" } ] }- References
-
- Credits
-
-
- OpenSSF: Package Analysis - FINDER
-
Affected packages
PyPI / artifact-lab-3-package-392c6acd
Package
- Name
- artifact-lab-3-package-392c6acd
- View open source insights on deps.dev
- Purl
- pkg:pypi/artifact-lab-3-package-392c6acd