{"id":"MAL-2025-47451","summary":"Malicious code in colorinal (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: google-open-source-security (aac66e0b739a7c06226108da151ee90cc6b406fcf287093e3ca4da4f5eebf79e)\nThis package is malicious and allows an attack remote code execution on\nWindows and Linux machines. The package termncolor uses colorinal as a\ndependency. The package colorinal contains the malicious behavior.\n","modified":"2025-09-18T23:08:47Z","published":"2025-09-18T23:08:47Z","database_specific":{"malicious-packages-origins":[{"source":"google-open-source-security","import_time":"2025-09-18T23:09:24.107023Z","versions":["0.1.7"],"sha256":"aac66e0b739a7c06226108da151ee90cc6b406fcf287093e3ca4da4f5eebf79e","modified_time":"2025-09-18T23:08:47Z"}]},"references":[{"type":"REPORT","url":"https://www.zscaler.com/blogs/security-research/supply-chain-risk-python-termncolor-and-colorinal-explained"}],"affected":[{"package":{"name":"colorinal","ecosystem":"PyPI","purl":"pkg:pypi/colorinal"},"versions":["0.1.7"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/colorinal/MAL-2025-47451.json"}}],"schema_version":"1.7.3"}