MAL-2024-12315
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/oaieval/MAL-2024-12315.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2024-12315
- Published
- 2024-07-26T16:53:30Z
- Modified
- 2026-03-19T12:36:06.309005Z
- Summary
- Malicious code in oaieval (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: kam193 (fd257dee43f966eaacc56e07462eae9170a8a81dc1be6f0df9145f8c3a44de59)
Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.
Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.
Campaign: GENERIC-standard-pypi-install-pentest
Reasons (based on the campaign):
The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.
The package overrides the install command in setup.py to execute malicious code during installation.
- Database specific
{ "malicious-packages-origins": [ { "source": "kam193", "modified_time": "2024-07-26T16:53:30Z", "sha256": "4fd2d50c99b655b45a3a1a6846c006743a391654ac8f7558bda412b3b09fac14", "id": "pypi/GENERIC-standard-pypi-install-pentest/oaieval", "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" } ] } ], "import_time": "2025-12-02T22:30:56.260847907Z" }, { "source": "kam193", "modified_time": "2024-07-26T16:53:30Z", "sha256": "fd257dee43f966eaacc56e07462eae9170a8a81dc1be6f0df9145f8c3a44de59", "id": "pypi/GENERIC-standard-pypi-install-pentest/oaieval", "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" } ] } ], "import_time": "2025-12-02T23:07:19.446487463Z" }, { "versions": [ "1.0.1", "1.0.2", "1.0.3", "1.0.4", "1.0.5", "1.0.6" ], "modified_time": "2024-07-26T16:53:30Z", "sha256": "211ed96118a5f40e88c6197c74c89c6a29c7419332fa3d55b1353631ce1eb049", "id": "pypi/GENERIC-standard-pypi-install-pentest/oaieval", "source": "kam193", "import_time": "2025-12-10T21:38:58.560908939Z" }, { "versions": [ "1.0.1", "1.0.2", "1.0.3", "1.0.4", "1.0.5", "1.0.6" ], "modified_time": "2024-07-26T16:53:30Z", "sha256": "af87ffc864d83aeb78ff923fd197996a4c4641c2ff512ddd201d41ee94efe60a", "id": "pypi/GENERIC-standard-pypi-install-pentest/oaieval", "source": "kam193", "import_time": "2026-01-14T11:08:23.877994502Z" }, { "versions": [ "1.0.1", "1.0.2", "1.0.3", "1.0.4", "1.0.5", "1.0.6" ], "modified_time": "2026-03-18T12:16:36Z", "sha256": "e767a93790e5536e5bc019d6f94756873f724716638bc2b832cb26d3854b1916", "id": "RLMA-2026-00566", "source": "reversing-labs", "import_time": "2026-03-19T12:18:18.873422922Z" } ] }- References
- Credits
-
-
- Kamil Mańkowski (kam193)
-
- Kamil Mańkowski (kam193) - ANALYST
-
- Kamil Mańkowski (kam193) - REPORTER
-
- ReversingLabs - FINDER
-
Affected packages
PyPI / oaieval
Package
- Name
- oaieval
- View open source insights on deps.dev
- Purl
- pkg:pypi/oaieval