MAL-2024-5322

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/libpeshnx/MAL-2024-5322.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-5322

Published

2024-06-25T13:36:54Z

Modified

2024-10-24T01:01:58Z

Summary

Malicious code in libpeshnx (PyPI)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "source": "reversing-labs",
            "id": "RLMA-2024-04104",
            "modified_time": "2024-06-25T13:36:54Z",
            "sha256": "e75ac5f26ef83cfab5e5c1a617f69b51229f73f2837c91ac2428f36782cdb31c",
            "versions": [
                "0.1"
            ],
            "import_time": "2024-06-28T02:49:21.218096146Z"
        },
        {
            "source": "reversing-labs",
            "id": "RLUA-2024-08468",
            "modified_time": "2024-10-16T14:43:12Z",
            "sha256": "5ffe13e039df722d26ef43e59cabf953041e169562ec6bdf919bc591e8dde5c6",
            "import_time": "2024-10-24T00:59:24.363569483Z"
        }
    ]
}

References

https://blog.reversinglabs.com/blog/suppy-chain-malware-detecting-malware-in-package-manager-repositories

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / libpeshnx

Package

Name: libpeshnx; View open source insights on deps.dev
Purl: pkg:pypi/libpeshnx

Affected ranges

Affected versions

0.*

0.1

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/libpeshnx/MAL-2024-5322.json"