{"id":"MAL-2024-5207","summary":"Malicious code in htps1 (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","modified":"2024-10-24T01:01:58Z","published":"2024-06-25T13:35:59Z","database_specific":{"malicious-packages-origins":[{"source":"reversing-labs","import_time":"2024-06-28T02:49:06.94653127Z","id":"RLMA-2024-03989","sha256":"42dbec536a1499eae10edb2ac8aeced36c8d858a1e48fd8ceda7b2f83f1f6c3c","versions":["0.2.3","2.3.1"],"modified_time":"2024-06-25T13:35:59Z"},{"source":"reversing-labs","import_time":"2024-10-24T00:59:16.790328396Z","id":"RLUA-2024-08350","sha256":"2f9969e5976d5f53d1c607c2b3e0d60db6e4ef7e6f8644dfafc1cb299a1a29eb","modified_time":"2024-10-16T14:41:58Z"}]},"references":[{"type":"ARTICLE","url":"https://www.reversinglabs.com/blog/beware-impostor-http-libraries-lurk-on-pypi"},{"type":"ADVISORY","url":"https://research.jfrog.com/malicious-packages/"}],"affected":[{"package":{"name":"htps1","ecosystem":"PyPI","purl":"pkg:pypi/htps1"},"versions":["0.2.3","2.3.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/htps1/MAL-2024-5207.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}