{"id":"MAL-2022-7430","summary":"Malicious code in zlibsrc (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (dfbf8f67470456ad6b704fb2c2d47edef71ce077afe59bf1a6f79913bde2fd5d)\nSecurity researchers at Check Point Research discovered a malicious package called `zlibsrc` impersonating the PyPI package `zlib`. PyPI has since removed `zlibsrc`.\n","aliases":["GHSA-h82j-8jxm-68qp"],"modified":"2023-11-08T04:19:56.532946Z","published":"2022-08-30T19:50:42Z","database_specific":{"malicious-packages-origins":[{"source":"ghsa-malware","modified_time":"2022-08-30T19:50:42Z","import_time":"2023-07-30T21:58:12.673868926Z","sha256":"dfbf8f67470456ad6b704fb2c2d47edef71ce077afe59bf1a6f79913bde2fd5d","id":"GHSA-h82j-8jxm-68qp","ranges":[{"events":[{"introduced":"0"}],"type":"ECOSYSTEM"}]}]},"references":[{"type":"WEB","url":"https://pypi.org/project/zlibsrc"},{"type":"WEB","url":"https://research.checkpoint.com/2022/cloudguard-spectral-detects-several-malicious-packages-on-pypi-the-official-software-repository-for-python-developers/"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-h82j-8jxm-68qp"}],"affected":[{"package":{"name":"zlibsrc","ecosystem":"PyPI","purl":"pkg:pypi/zlibsrc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/zlibsrc/MAL-2022-7430.json","cwes":[{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."}]}}],"schema_version":"1.7.3"}