MAL-2024-9264

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/crustyhttp/MAL-2024-9264.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2024-9264
Published
2024-10-07T10:18:20Z
Modified
2024-10-07T10:18:20Z
Summary
Malicious code in crustyhttp (PyPI)
Details

Base64-encoded commands are executed from init.py, which exfiltrate Telegram session data.

Database specific
{
    "malicious-packages-origins": null
}
References
Credits

Affected packages

PyPI / crustyhttp

Package

Affected ranges

Affected versions

1.*

1.3.5