{"id":"MAL-2024-5881","summary":"Malicious code in requesqs (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","aliases":["SNYK-PYTHON-REQUESQS-6513334"],"modified":"2024-10-24T01:01:59Z","published":"2024-06-25T13:41:33Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2024-06-25T13:41:33Z","sha256":"4a1343ce9e187d5daaf286e2cb73bc45436f6f5f1d5cacf110815bc8ba210014","import_time":"2024-06-28T02:50:29.234086612Z","versions":["1.0.0"],"source":"reversing-labs","id":"RLMA-2024-04682"},{"modified_time":"2024-10-16T14:50:05Z","sha256":"b5f4c7d616f1ab24d417567f24b30a3cbae10096f71b15ea539d0439bb8954e1","import_time":"2024-10-24T01:00:02.784762803Z","source":"reversing-labs","id":"RLUA-2024-09141"}]},"references":[{"type":"ARTICLE","url":"https://medium.com/checkmarx-security/pypi-is-under-attack-project-creation-and-user-registration-suspended-heres-the-details-c3b6291d4579"},{"type":"ADVISORY","url":"https://security.snyk.io/vuln/SNYK-PYTHON-REQUESQS-6513334"}],"affected":[{"package":{"name":"requesqs","ecosystem":"PyPI","purl":"pkg:pypi/requesqs"},"versions":["1.0.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/requesqs/MAL-2024-5881.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}