{"id":"MAL-2022-7429","summary":"Malicious code in winrpcexploit (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (46976ed2bca7738154d7f53ebb0e98864eafcf5753fc7753b509c6ce4d9ac9b4)\nSecurity researchers at Check Point Research discovered a malicious package called `WINRPCexploit`. PyPI has since removed `WINRPCexploit`.\n","aliases":["GHSA-58g2-rgrr-6q9r"],"modified":"2023-11-08T04:15:36.339762Z","published":"2022-08-30T19:52:47Z","database_specific":{"malicious-packages-origins":[{"sha256":"46976ed2bca7738154d7f53ebb0e98864eafcf5753fc7753b509c6ce4d9ac9b4","import_time":"2023-07-30T21:57:53.993373156Z","source":"ghsa-malware","modified_time":"2022-08-30T19:52:48Z","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"id":"GHSA-58g2-rgrr-6q9r"}]},"references":[{"type":"WEB","url":"https://pypi.org/project/WINRPCexploit/"},{"type":"WEB","url":"https://research.checkpoint.com/2022/cloudguard-spectral-detects-several-malicious-packages-on-pypi-the-official-software-repository-for-python-developers/"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-58g2-rgrr-6q9r"}],"affected":[{"package":{"name":"winrpcexploit","ecosystem":"PyPI","purl":"pkg:pypi/winrpcexploit"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/winrpcexploit/MAL-2022-7429.json","cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}]}}],"schema_version":"1.7.3"}