{"id":"MAL-2024-7834","summary":"Malicious code in melio-platform-api-client (RubyGems)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (cb4e0efafa3bf0645819f2aa88cfdc7778f938470c0984afc5e1f1504df982aa)\nThe OpenSSF Package Analysis project identified 'melio-platform-api-client' @ 5.0.0 (rubygems) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2024-10-24T01:02:00Z","published":"2024-07-28T23:15:41Z","database_specific":{"malicious-packages-origins":[{"source":"ossf-package-analysis","import_time":"2024-07-28T23:33:52.252012045Z","versions":["5.0.0"],"sha256":"cb4e0efafa3bf0645819f2aa88cfdc7778f938470c0984afc5e1f1504df982aa","modified_time":"2024-07-28T23:15:41Z"},{"source":"reversing-labs","id":"RLMA-2024-10315","versions":["3.0.1","3.1.1","3.1.2","3.1.4","4.4.4","4.4.5","4.4.6","5.0.0","5.0.1"],"sha256":"3a2b123e03a1e782c385419aff070781610593da7fef94b4d548673d591615cd","modified_time":"2024-10-16T15:04:22Z","import_time":"2024-10-24T00:57:13.045934193Z"}]},"affected":[{"package":{"name":"melio-platform-api-client","ecosystem":"RubyGems","purl":"pkg:gem/melio-platform-api-client"},"versions":["5.0.0","3.0.1","3.1.1","3.1.2","3.1.4","4.4.4","4.4.5","4.4.6","5.0.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/melio-platform-api-client/MAL-2024-7834.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}