{"id":"MAL-2024-6377","summary":"Malicious code in action-component (RubyGems)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","modified":"2024-10-24T01:02:00Z","published":"2024-06-25T13:45:55Z","database_specific":{"malicious-packages-origins":[{"sha256":"66e7f0c5efb1ff9e5b3d3b5095d1ac63cc8a557644a76f79de3458b6dd7867c4","import_time":"2024-06-28T02:51:30.308478438Z","versions":["0.1.4"],"source":"reversing-labs","id":"RLMA-2024-05184","modified_time":"2024-06-25T13:45:55Z"},{"sha256":"af07169709b628d8e13d4ae2ccf6ffb99d1dcc1aa0ea895a26faa8bcfee70d3b","import_time":"2024-10-24T01:00:37.283734839Z","source":"reversing-labs","id":"RLUA-2024-09703","modified_time":"2024-10-16T14:56:23Z"}]},"references":[{"type":"ARTICLE","url":"https://blog.reversinglabs.com/blog/mining-for-malicious-ruby-gems"}],"affected":[{"package":{"name":"action-component","ecosystem":"RubyGems","purl":"pkg:gem/action-component"},"versions":["0.1.4"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/action-component/MAL-2024-6377.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}