MAL-2024-5168

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/futurejson/MAL-2024-5168.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2024-5168
Published
2024-06-25T13:35:39Z
Modified
2024-10-24T01:01:58Z
Summary
Malicious code in futurejson (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Database specific 
{
    "malicious-packages-origins": [
        {
            "sha256": "4ac75ad65b02419889ad91ec800eee8b06323c424243326ab5f7f6f8fb049faa",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:35:39Z",
            "id": "RLMA-2024-03950",
            "versions": [
                "0.5.0"
            ],
            "import_time": "2024-06-28T02:49:02.448955983Z"
        },
        {
            "sha256": "fb89acb6683ee74a1d9585b7df87e742902eac88a7ed957208b15a753f727741",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T14:41:30Z",
            "id": "RLUA-2024-08306",
            "versions": [
                "0.1.0",
                "0.2.0",
                "0.3.0",
                "0.4.0"
            ],
            "import_time": "2024-10-24T00:59:14.286196938Z"
        }
    ]
}
References
Credits

Affected packages

PyPI / futurejson

Package

Name
futurejson
View open source insights on deps.dev
Purl
pkg:pypi/futurejson

Affected ranges

Affected versions

0.*
0.1.0
0.2.0
0.3.0
0.4.0
0.5.0

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/futurejson/MAL-2024-5168.json"