{"id":"MAL-2024-5530","summary":"Malicious code in piphttps (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","modified":"2024-10-24T01:01:59Z","published":"2024-06-25T13:38:34Z","database_specific":{"malicious-packages-origins":[{"versions":["1"],"id":"RLMA-2024-04312","sha256":"caeeb41fcd74ad23ed7f5b303711a3837ba8cc035e85eeeda57a59845889b41a","import_time":"2024-06-28T02:49:45.549721788Z","source":"reversing-labs","modified_time":"2024-06-25T13:38:34Z"},{"source":"reversing-labs","id":"RLUA-2024-08740","sha256":"c346f972e4402e3ef8b26da6876b687db61ebd3bd4960fd70508cbb879f9b748","import_time":"2024-10-24T00:59:38.675938195Z","modified_time":"2024-10-16T14:45:59Z"}]},"references":[{"type":"ARTICLE","url":"https://www.reversinglabs.com/blog/beware-impostor-http-libraries-lurk-on-pypi"},{"type":"ADVISORY","url":"https://research.jfrog.com/malicious-packages/"}],"affected":[{"package":{"name":"piphttps","ecosystem":"PyPI","purl":"pkg:pypi/piphttps"},"versions":["1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/piphttps/MAL-2024-5530.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}