{"id":"PYSEC-2024-152","summary":"aiocpa 0.1.13 contains credential harvesting code","details":"aiocpa is a user-facing library for generating color gradients of text.\nVersion 0.1.13 introduced obfuscated, malicious code targeting\nCrypto Pay users, forwarding client credentials to a remote Telegram bot.\nAll versions have been removed from PyPI.\n","modified":"2024-11-25T19:30:00Z","published":"2024-11-25T20:44:28.754767Z","references":[{"type":"EVIDENCE","url":"https://inspector.pypi.io/project/aiocpa/0.1.13/packages/ab/98/7343281068a2c39086d0b877219668a487508197f46e89b3f41046a4a8ba/aiocpa-0.1.13.tar.gz/aiocpa-0.1.13/cryptopay/utils/sync.py#line.44"},{"type":"WEB","url":"https://blog.pypi.org/posts/2024-11-25-aiocpa-attack-analysis/"}],"affected":[{"package":{"name":"aiocpa","ecosystem":"PyPI","purl":"pkg:pypi/aiocpa"},"versions":["0.1.13","0.1.14"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/aiocpa/PYSEC-2024-152.yaml"}}],"schema_version":"1.7.3","credits":[{"name":"Karlo Zanki","type":"REPORTER"},{"name":"Mike Fiedler","type":"COORDINATOR"}]}