MAL-2026-4763

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/pypi/pulumi-vcd/MAL-2026-4763.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-4763
Withdrawn
2026-05-26T22:13:04Z
Published
2026-05-22T13:29:37Z
Modified
2026-05-27T00:32:14.061842853Z
Summary
Malicious code in pulumi-vcd (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (08bbc8be2cfa9a85473b0287e3c327b16c3f9e15886869bd9e2188a323448fd9)

Package pulumi_vcd is published with metadata mimicking an official Pulumi SDK (Homepage https://www.pulumi.com, tfgen-style auto-generated bindings) but pulumi_vcd/_utilities.py and pulumi_vcd/pulumi-plugin.json set the provider plugin server to github://api.github.com/ergSey/pulumi-vcd — a personal GitHub user's repository, not the pulumi/ organization that publishes legitimate providers. When a developer who installs this SDK runs pulumi up, the Pulumi engine fetches and executes the native provider plugin binary from this personal repo with no hash or signature verification. Whoever controls that GitHub account can ship arbitrary native code to anyone using the SDK. Supporting context: the version string is a unix-timestamp alpha (3.0.0a1779455998), the README links VCD to http://example.com, and the package is auto-generated tfgen output — consistent with a quickly-staged namespace impersonation rather than an established community provider. Legitimate Pulumi SDKs point their plugin server at github://api.github.com/pulumi/<repo>.
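The check described above (which GitHub owner a Pulumi SDK's plugin server points at, plus the timestamp-style pre-release version) can be automated against an installed site-packages tree. The script below is an added example for this advisory, not code from the OSV record, Amazon Inspector or the Pulumi project. It assumes the usual tfgen layout, where each SDK ships a `pulumi-plugin.json` with `server` and `version` keys beside a `_utilities.py` that defines `get_plugin_download_url()`, and it treats the `pulumi` organisation as the only owner trusted by default (community providers have to be allow-listed deliberately). The two packages it scans are constructed in a temporary directory: one mirroring the metadata in this advisory and one benign SDK pointing at `github://api.github.com/pulumi/pulumi-random`.

```python
"""Flag installed Pulumi Python SDKs whose provider plugin is fetched from an untrusted GitHub owner."""
import json
import re
import tempfile
from pathlib import Path

# Assumption: only the pulumi organisation is trusted by default. Add community
# owners here on purpose, after reviewing them, never implicitly.
TRUSTED_OWNERS = {"pulumi"}

# Plugin server URLs used by tfgen SDKs: github://api.github.com/<owner>/<repo>
GITHUB_SERVER = re.compile(r"^github://api\.github\.com/([^/]+)/([^/]+)/?$")
# Return statement of get_plugin_download_url() in a tfgen-style _utilities.py (tabs or spaces)
DOWNLOAD_URL = re.compile(r'def get_plugin_download_url\(\):\s*return\s*["\']([^"\']+)["\']')
# Pre-release whose alpha/beta/rc number is 10+ digits, i.e. looks like a unix timestamp
TIMESTAMP_PRERELEASE = re.compile(r"^\d+\.\d+\.\d+(?:a|b|rc)(\d{10,})$")


def classify_server(server):
    """Return (verdict, owner) for a plugin server URL taken from SDK metadata."""
    m = GITHUB_SERVER.match(server)
    if not m:
        return ("review", None)  # non-GitHub or unexpected shape: inspect by hand
    owner = m.group(1)
    return ("ok" if owner in TRUSTED_OWNERS else "untrusted-owner", owner)


def looks_like_timestamp_prerelease(version):
    """True for version strings such as 3.0.0a1779455998 (alpha number is a unix timestamp)."""
    return TIMESTAMP_PRERELEASE.match(version) is not None


def scan(site_packages):
    """Walk a site-packages tree, pair pulumi-plugin.json with its _utilities.py, return findings."""
    findings = []
    for plugin_json in sorted(Path(site_packages).rglob("pulumi-plugin.json")):
        package = plugin_json.parent.name
        meta = json.loads(plugin_json.read_text())
        servers = {}
        if "server" in meta:
            servers["pulumi-plugin.json"] = meta["server"]
        utilities = plugin_json.with_name("_utilities.py")
        if utilities.exists():
            m = DOWNLOAD_URL.search(utilities.read_text())
            if m:
                servers["_utilities.py"] = m.group(1)
        for source_file, server in servers.items():
            verdict, owner = classify_server(server)
            if verdict != "ok":
                findings.append({"package": package, "file": source_file, "server": server,
                                 "owner": owner, "verdict": verdict})
        if looks_like_timestamp_prerelease(meta.get("version", "")):
            findings.append({"package": package, "file": "pulumi-plugin.json", "server": None,
                             "owner": None, "verdict": "timestamp-prerelease"})
    return findings


def _write_sdk(root, package, name, version, server):
    """Constructed sample SDK: only the two files the scanner looks at."""
    pkg = root / package
    pkg.mkdir(parents=True)
    (pkg / "pulumi-plugin.json").write_text(json.dumps(
        {"resource": True, "name": name, "version": version, "server": server}))
    (pkg / "_utilities.py").write_text(
        "def get_plugin_download_url():\n    return \"%s\"\n" % server)


def demo():
    """Scan a constructed site-packages with one package mirroring this advisory and one benign SDK."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        _write_sdk(root, "pulumi_vcd", "vcd", "3.0.0a1779455998",
                   "github://api.github.com/ergSey/pulumi-vcd")
        _write_sdk(root, "pulumi_random", "random", "4.16.3",
                   "github://api.github.com/pulumi/pulumi-random")
        return scan(root)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Point `scan()` at a real interpreter's site-packages (for example `Path(sys.prefix) / "lib" / "python3.X" / "site-packages"`) to audit an environment before running `pulumi up`. The scan is static: it reports where the SDK says the plugin will come from and never contacts that server, so a clean result only means the metadata is unremarkable, not that the plugin binary itself was inspected.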

Database specific
{
    "malicious-packages-origins": [
        {
            "import_time": "2026-05-26T05:52:08.632133044Z",
            "versions": [
                "3.0.0a1779455998"
            ],
            "modified_time": "2026-05-22T13:29:37Z",
            "sha256": "08bbc8be2cfa9a85473b0287e3c327b16c3f9e15886869bd9e2188a323448fd9",
            "id": "IN-MAL-2026-004206",
            "source": "amazon-inspector"
        },
        {
            "import_time": "2026-05-26T05:53:00.137179398Z",
            "source": "amazon-inspector",
            "modified_time": "2026-05-25T12:29:42Z",
            "id": "IN-MAL-2026-004640",
            "sha256": "2b92283e1b683463e095c1875bf657565f5820aa4b59f10d48a4f9ba75ec1f50",
            "versions": [
                "3.0.0a1779710724"
            ]
        }
    ]
}
References
Credits

Affected packages

PyPI / pulumi-vcd

Package

Affected ranges

Affected versions

3.*
3.0.0a1779455998
3.0.0a1779710724

Database specific

indicators
{
    "package_integrity": [
        {
            "filename": "pulumi_vcd-3.0.0a1779455998-py3-none-any.whl",
            "hashes": {
                "blake2b_256": "11604e18aa09b910660835a8ac69dfab6283f3c175df43e39a32afe586c2f16c",
                "sha256": "34e0073f325d91b71fbe40ef7ca6292c01e43595c6add9697b5cf7b2ecb1ff41",
                "md5": "d926dab280d339d3a8aa64e8fa6f052e"
            }
        },
        {
            "filename": "pulumi_vcd-3.0.0a1779455998.tar.gz",
            "hashes": {
                "blake2b_256": "3e5a5a3092ed93549d84c39bb95b74289cf4defe0aa6eba3f1b6c08ce7e305ba",
                "sha256": "2821e66c2c08752de066c00674a8e6784cb15138da1f5526d0673019678de999",
                "md5": "585449a16724fed1fd4730d24d445ce4"
            }
        }
    ],
    "evidence_files": [
        {
            "path": "pulumi_vcd/_utilities.py",
            "sha256": "696c6c4794728b236629e56660c30cd7c32a9e4ddc4fe48a3facd6646f81da04",
            "tlsh": "ad22c8636961e273c3664578a8daa001a37c79535f106478b86c81347f5aabcc3b2fec"
        },
        {
            "path": "pyproject.toml",
            "sha256": "d9c54c6b2645296cf6494814818e257ce0a6d00684e5c1b20fc1156ad6899426",
            "tlsh": "f30120b388248d56b688d580b8742b02fb63a0a16b88c44d77a6c0406f4c5c3c3edafd"
        }
    ]
}
cwes
[
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/pypi/pulumi-vcd/MAL-2026-4763.json"