MAL-2024-6383

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/action-subscriber/MAL-2024-6383.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2024-6383
Published
2024-06-25T13:45:58Z
Modified
2024-10-24T01:02:00Z
Summary
Malicious code in action-subscriber (RubyGems)
Details

-= Per source details. Do not edit below this line.=-

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "32c264d7b441463da3458ac5fca6daa0eece0314c7d0f6cc5e6c62b3db478da9",
            "import_time": "2024-06-28T02:51:30.972878979Z",
            "versions": [
                "5.1.5"
            ],
            "id": "RLMA-2024-05190",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:45:58Z"
        },
        {
            "sha256": "1c4df986cb26bda5fd93a9d15e60f63dfdae7f572b1e5e0266dc4528519b1370",
            "import_time": "2024-10-24T01:00:37.805365124Z",
            "id": "RLUA-2024-09709",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T14:56:27Z"
        }
    ]
}
References
Credits

Affected packages

RubyGems / action-subscriber

Package

Name
action-subscriber
Purl
pkg:gem/action-subscriber

Affected ranges

Affected versions

5.*

5.1.5