MAL-2024-6951

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/jmcnevin-rghost-barcode/MAL-2024-6951.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-6951

Published

2024-06-25T13:51:26Z

Modified

2024-10-24T01:02:00Z

Summary

Malicious code in jmcnevin-rghost-barcode (RubyGems)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "df452a0ef98cf0eee879084f45d6b97978beaed509eda7082ddf6eedd12d6ed4",
            "import_time": "2024-06-28T02:52:38.179861429Z",
            "versions": [
                "0.8.8"
            ],
            "id": "RLMA-2024-05757",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:51:26Z"
        },
        {
            "sha256": "8396bdb593369ea33dcf24a13e95ecb21eed54497cedaa5a6f755bacf08a935a",
            "import_time": "2024-10-24T01:01:19.137924431Z",
            "id": "RLUA-2024-10276",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T15:03:53Z"
        }
    ]
}

References

https://blog.reversinglabs.com/blog/mining-for-malicious-ruby-gems

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

RubyGems / jmcnevin-rghost-barcode

Package

Name: jmcnevin-rghost-barcode
Purl: pkg:gem/jmcnevin-rghost-barcode

Affected ranges

Affected versions

0.*

0.8.8