MAL-2024-8022

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/artifact-lab-3-package-7e532784/MAL-2024-8022.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2024-8022
Published
2024-08-14T11:26:37Z
Modified
2024-08-14T15:05:22Z
Summary
Malicious code in artifact-lab-3-package-7e532784 (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (00a967bdca3122326c26e502bce76d8815045c207bde9083652d539513d542b6)

The OpenSSF Package Analysis project identified 'artifact-lab-3-package-7e532784' @ 0.1.12 (pypi) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.
Database specific 
{
    "malicious-packages-origins": [
        {
            "modified_time": "2024-08-14T11:26:37Z",
            "import_time": "2024-08-14T11:34:00.722485888Z",
            "source": "ossf-package-analysis",
            "versions": [
                "0.1.0"
            ],
            "sha256": "b7715b96d417d7d44d5a13992897b37164720dfa25feea80857c5c1e415a265b"
        },
        {
            "modified_time": "2024-08-14T12:01:37Z",
            "import_time": "2024-08-14T12:07:56.268016261Z",
            "source": "ossf-package-analysis",
            "versions": [
                "0.1.3"
            ],
            "sha256": "7ac36a56313ee06e44dae8eaa99df222d0ec456bf76bb13877fe1f4b7c45d61a"
        },
        {
            "modified_time": "2024-08-14T12:06:06Z",
            "import_time": "2024-08-14T12:07:56.365652175Z",
            "source": "ossf-package-analysis",
            "versions": [
                "0.1.4"
            ],
            "sha256": "aac3d9b34a40c012a7da87a3eebd21c743e252783983e1ed9aa2a5ba5794a78f"
        },
        {
            "modified_time": "2024-08-14T12:26:00Z",
            "import_time": "2024-08-14T12:44:05.911222484Z",
            "source": "ossf-package-analysis",
            "versions": [
                "0.1.6"
            ],
            "sha256": "fc1baf171a4780af920c754cb3d57915141366e5c1b895fa0c23734a22eda37d"
        },
        {
            "modified_time": "2024-08-14T13:16:17Z",
            "import_time": "2024-08-14T13:34:02.805735298Z",
            "source": "ossf-package-analysis",
            "versions": [
                "0.1.8"
            ],
            "sha256": "1d4f6f6a7704b8ff4ed08860b91d9a401bfd17b70d2f2b66df763162c7ce3a8e"
        },
        {
            "modified_time": "2024-08-14T13:55:48Z",
            "import_time": "2024-08-14T14:05:10.559866519Z",
            "source": "ossf-package-analysis",
            "versions": [
                "0.1.12"
            ],
            "sha256": "00a967bdca3122326c26e502bce76d8815045c207bde9083652d539513d542b6"
        },
        {
            "modified_time": "2024-08-14T14:42:28Z",
            "import_time": "2024-08-14T15:04:55.475937301Z",
            "source": "ossf-package-analysis",
            "versions": [
                "0.1.15"
            ],
            "sha256": "6e15c34b67ae60fd49831ca3c0cfb882784b65a4993e509163de0bf9d2729343"
        },
        {
            "modified_time": "2024-08-14T14:40:58Z",
            "import_time": "2024-08-14T15:04:55.407829088Z",
            "source": "ossf-package-analysis",
            "versions": [
                "0.1.14"
            ],
            "sha256": "8950d0520219819f4495986db576683b9ec18bef788eaea6ac93b36ed0277684"
        }
    ]
}
References
Credits

Affected packages

PyPI / artifact-lab-3-package-7e532784

Package

Name
artifact-lab-3-package-7e532784
View open source insights on deps.dev
Purl
pkg:pypi/artifact-lab-3-package-7e532784

Affected ranges

Affected versions

0.*

0.1.0
0.1.3
0.1.4
0.1.6
0.1.8
0.1.12
0.1.14
0.1.15