MAL-2024-4950

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/colordot/MAL-2024-4950.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-4950

Published

2024-06-25T13:33:53Z

Modified

2024-10-24T01:01:58Z

Summary

Malicious code in colordot (PyPI)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "id": "RLMA-2024-03730",
            "sha256": "56a8add1d840273e87dfd9f13b70de8d4a4984cf06f4a30e9e6945472227ba98",
            "source": "reversing-labs",
            "versions": [
                "1.4.4"
            ],
            "modified_time": "2024-06-25T13:33:53Z",
            "import_time": "2024-06-28T02:48:37.069275522Z"
        },
        {
            "id": "RLUA-2024-08022",
            "sha256": "21f30c61c20cab50f0097a4be5536c6f4c4f3506194179cbd0d69a5ab55a1b13",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T14:38:30Z",
            "import_time": "2024-10-24T00:58:58.724470806Z"
        }
    ]
}

References

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / colordot

Package

Name: colordot; View open source insights on deps.dev
Purl: pkg:pypi/colordot

Affected ranges

Affected versions

1.*

1.4.4

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/colordot/MAL-2024-4950.json"