{"id":"MAL-2023-1429","summary":"Malicious code in modified_bayes (RubyGems)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (1c5711b3c10ba19ca7c68581b9cd246029ba621b35c0371e4a043d69050b9363)\nThe OpenSSF Package Analysis project identified 'modified_bayes' @ 10.1.0 (rubygems) as malicious.\n\nIt is considered malicious because:\n- The package communicates with a domain associated with malicious activity.\n","modified":"2023-08-10T06:17:50Z","published":"2023-05-04T10:20:51Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2023-05-04T10:20:51.253291062Z","import_time":"2023-08-10T06:15:37.492824258Z","sha256":"1c5711b3c10ba19ca7c68581b9cd246029ba621b35c0371e4a043d69050b9363","versions":["10.1.0"],"source":"ossf-package-analysis"},{"modified_time":"2023-05-04T12:21:04.66128423Z","import_time":"2023-08-10T06:15:39.351178762Z","sha256":"d6214823b9c6012d59a4f1b7615e6a223d724676e2e0f3a37f0659f7a7b3006a","versions":["13.1.1"],"source":"ossf-package-analysis"}]},"affected":[{"package":{"name":"modified_bayes","ecosystem":"RubyGems","purl":"pkg:gem/modified_bayes"},"versions":["10.1.0","13.1.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/modified_bayes/MAL-2023-1429.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}