Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS01Z3JyLTcyZjktNjc4ds4AA93Y
Malware package cipherbcrypt
Malicious package. Exfiltrated secrets to a target server.
Permalink: https://github.com/advisories/GHSA-5grr-72f9-678vJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01Z3JyLTcyZjktNjc4ds4AA93Y
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 4 months ago
Updated: 4 months ago
Identifiers: GHSA-5grr-72f9-678v
References:
- https://github.com/pypa/advisory-database/commit/f8df7b7d0444991716fb449d55adf50067d0ba38
- https://github.com/pypa/advisory-database/tree/main/vulns/cipherbcrypt/PYSEC-2024-55.yaml
- https://github.com/advisories/GHSA-5grr-72f9-678v
Affected Packages
pypi:cipherbcrypt
Dependent packages: 0Dependent repositories: 0
Downloads: 164 last month
Affected Version Ranges: >= 0
No known fixed version
All affected versions: