MAL-2024-11648 – notoken887

Package

Manager: pip
Name: notoken887
Vulnerable Version: =0.1.0 || =0.1.1 || =1.1.5 || =1.1.6 || =1.1.8 || =1.1.9 || =1.2 || =1.21 || =1.22 || =1.22.1 || =1.22.3 || =1.22.4 || =1.22.5 || =1.22.6 || =1.22.7 || =1.22.8 || =1.22.9 || =1.23.0 || =1.23.1 || =1.23.3 || =1.23.4 || =1.23.5 || =1.23.6 || =1.23.7 || =1.23.9 || =1.24.2 || =1.24.3 || =1.24.4 || =1.24.5 || =1.24.6 || =1.24.7 || =1.24.8 || =1.24.9 || =1.25.1 || =1.25.2 || =1.25.3 || =1.25.5 || =1.25.6 || =1.25.7 || =1.25.9 || =1.26.1 || =1.26.2 || =1.26.3 || =1.26.4 || =1.26.6.2.3 || =1.26.6.2.3.1 || =1.26.7 || =1.26.8 || =1.26.9 || =1.26.10 || =1.26.11 || =1.26.12 || =1.26.13 || =1.26.14 || =1.26.15 || =1.26.16 || =1.26.17 || =1.26.18 || =1.26.19 || =1.26.20 || =1.26.21 || =1.26.22 || =1.26.23 || =1.26.24 || =1.26.25 || =1.26.26 || =1.26.27 || =1.26.28 || =1.26.29 || =1.26.30 || =1.26.31 || =1.26.32 || =1.26.33 || =1.26.34 || =1.26.35 || =1.26.36 || =1.26.37 || =1.26.39 || =1.26.40

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

EPSS: N/A pctlN/A

Details

Malicious code in notoken887 (PyPI)

Metadata

Created: 2024-12-09T06:50:42Z
Modified: 2024-12-09T06:50:42Z
Source: https://github.com/ossf/malicious-packages
CWE IDs: ["CWE-506"]
Alternative ID: N/A
Finding: F448
Auto approve: 1