MAL-2024-4606
Vulnerability from ossf_malicious_packages
Published
2024-06-25 13:30
Modified
2024-10-24 01:01
Summary
Malicious code in OtpCsharp (NuGet)
Details
-= Per source details. Do not edit below this line.=-
Credits
{
"affected": [
{
"package": {
"ecosystem": "NuGet",
"name": "OtpCsharp",
"purl": "pkg:nuget/OtpCsharp"
},
"versions": [
"1.0.175",
"1.0.170",
"1.0.90",
"1.0.183",
"1.0.25",
"1.0.128",
"1.0.38",
"1.0.30",
"1.0.54",
"1.0.47",
"1.0.118",
"1.0.131",
"1.0.98",
"1.0.5",
"1.0.66",
"1.0.97",
"1.0.16",
"1.0.124",
"1.0.61",
"1.0.115",
"1.0.193",
"1.0.85",
"1.0.18",
"1.0.8",
"1.0.73",
"1.0.117",
"1.0.197",
"1.0.72",
"1.0.89",
"1.0.177",
"1.0.12",
"1.0.40",
"1.0.148",
"1.0.68",
"1.0.134",
"1.0.168",
"1.0.190",
"1.0.145",
"1.0.26",
"1.0.32",
"1.0.7",
"1.0.93",
"1.0.186",
"1.0.63",
"1.0.161",
"1.0.174",
"1.0.6",
"1.0.140",
"1.0.76",
"1.0.102",
"1.0.104",
"1.0.139",
"1.0.101",
"1.0.96",
"1.0.158",
"1.0.17",
"1.0.37",
"1.0.64",
"1.0.71",
"1.0.53",
"1.0.108",
"1.0.141",
"1.0.164",
"1.0.191",
"1.0.123",
"1.0.159",
"1.0.24",
"1.0.143",
"1.0.56",
"1.0.45",
"1.0.165",
"1.0.81",
"1.0.106",
"1.0.95",
"1.0.59",
"1.0.109",
"1.0.92",
"1.0.195",
"1.0.153",
"1.0.46",
"1.0.84",
"1.0.88",
"1.0.144",
"1.0.99",
"1.0.136",
"1.0.187",
"1.0.151",
"1.0.137",
"1.0.19",
"1.0.156",
"1.0.163",
"1.0.41",
"1.0.107",
"1.0.142",
"1.0.169",
"1.0.179",
"1.0.4",
"1.0.69",
"1.0.113",
"1.0.11",
"1.0.48",
"1.0.82",
"1.0.176",
"1.0.23",
"1.0.3",
"1.0.167",
"1.0.33",
"1.0.160",
"1.0.34",
"1.0.60",
"1.0.87",
"1.0.122",
"1.0.44",
"1.0.65",
"1.0.2",
"1.0.130",
"1.0.135",
"1.0.94",
"1.0.62",
"1.0.200",
"1.0.119",
"1.0.22",
"1.0.28",
"1.0.78",
"1.0.27",
"1.0.125",
"1.0.35",
"1.0.171",
"1.0.181",
"1.0.152",
"1.0.196",
"1.0.100",
"1.0.110",
"1.0.91",
"1.0.121",
"1.0.138",
"1.0.116",
"1.0.146",
"1.0.114",
"1.0.166",
"1.0.79",
"1.0.9",
"1.0.154",
"1.0.103",
"1.0.86",
"1.0.132",
"1.0.194",
"1.0.13",
"2.1.1",
"1.0.188",
"2.1.0",
"1.0.77",
"1.0.43",
"1.0.192",
"1.0.155",
"1.0.29",
"1.0.83",
"1.0.172",
"1.0.147",
"1.0.105",
"1.0.15",
"1.0.129",
"1.0.150",
"1.0.180",
"1.0.189",
"1.0.20",
"1.0.126",
"1.0.178",
"1.0.50",
"1.0.157",
"1.0.111",
"1.0.184",
"1.0.120",
"1.0.198",
"1.0.75",
"1.0.74",
"1.0.182",
"1.0.70",
"1.0.55",
"1.0.185",
"1.0.173",
"1.0.51",
"1.0.21",
"1.0.36",
"1.0.133",
"1.0.58",
"1.0.149",
"1.0.10",
"1.0.42",
"1.0.52",
"1.0.112",
"1.0.80",
"1.0.67",
"1.0.57",
"1.0.49",
"1.0.31",
"1.0.39",
"1.0.1",
"1.0.162",
"1.0.199",
"1.0.127",
"1.0.14"
]
}
],
"credits": [
{
"contact": [
"https://www.reversinglabs.com"
],
"name": "ReversingLabs",
"type": "FINDER"
}
],
"database_specific": {
"malicious-packages-origins": [
{
"id": "RLMA-2024-03392",
"import_time": "2024-06-28T02:47:58.132580848Z",
"modified_time": "2024-06-25T13:30:41Z",
"sha256": "1ae307100b06713845a12446cfca814af6c95fc4c7ab60c00935845241606bc2",
"source": "reversing-labs",
"versions": [
"1.0.175",
"1.0.170",
"1.0.90",
"1.0.183",
"1.0.25",
"1.0.128",
"1.0.38",
"1.0.30",
"1.0.54",
"1.0.47",
"1.0.118",
"1.0.131",
"1.0.98",
"1.0.5",
"1.0.66",
"1.0.97",
"1.0.16",
"1.0.124",
"1.0.61",
"1.0.115",
"1.0.193",
"1.0.85",
"1.0.18",
"1.0.8",
"1.0.73",
"1.0.117",
"1.0.197",
"1.0.72",
"1.0.89",
"1.0.177",
"1.0.12",
"1.0.40",
"1.0.148",
"1.0.68",
"1.0.134",
"1.0.168",
"1.0.190",
"1.0.145",
"1.0.26",
"1.0.32",
"1.0.7",
"1.0.93",
"1.0.186",
"1.0.63",
"1.0.161",
"1.0.174",
"1.0.6",
"1.0.140",
"1.0.76",
"1.0.102",
"1.0.104",
"1.0.139",
"1.0.101",
"1.0.96",
"1.0.158",
"1.0.17",
"1.0.37",
"1.0.64",
"1.0.71",
"1.0.53",
"1.0.108",
"1.0.141",
"1.0.164",
"1.0.191",
"1.0.123",
"1.0.159",
"1.0.24",
"1.0.143",
"1.0.56",
"1.0.45",
"1.0.165",
"1.0.81",
"1.0.106",
"1.0.95",
"1.0.59",
"1.0.109",
"1.0.92",
"1.0.195",
"1.0.153",
"1.0.46",
"1.0.84",
"1.0.88",
"1.0.144",
"1.0.99",
"1.0.136",
"1.0.187",
"1.0.151",
"1.0.137",
"1.0.19",
"1.0.156",
"1.0.163",
"1.0.41",
"1.0.107",
"1.0.142",
"1.0.169",
"1.0.179",
"1.0.4",
"1.0.69",
"1.0.113",
"1.0.11",
"1.0.48",
"1.0.82",
"1.0.176",
"1.0.23",
"1.0.3",
"1.0.167",
"1.0.33",
"1.0.160",
"1.0.34",
"1.0.60",
"1.0.87",
"1.0.122",
"1.0.44",
"1.0.65",
"1.0.2",
"1.0.130",
"1.0.135",
"1.0.94",
"1.0.62",
"1.0.200",
"1.0.119",
"1.0.22",
"1.0.28",
"1.0.78",
"1.0.27",
"1.0.125",
"1.0.35",
"1.0.171",
"1.0.181",
"1.0.152",
"1.0.196",
"1.0.100",
"1.0.110",
"1.0.91",
"1.0.121",
"1.0.138",
"1.0.116",
"1.0.146",
"1.0.114",
"1.0.166",
"1.0.79",
"1.0.9",
"1.0.154",
"1.0.103",
"1.0.86",
"1.0.132",
"1.0.194",
"1.0.13",
"2.1.1",
"1.0.188",
"2.1.0",
"1.0.77",
"1.0.43",
"1.0.192",
"1.0.155",
"1.0.29",
"1.0.83",
"1.0.172",
"1.0.147",
"1.0.105",
"1.0.15",
"1.0.129",
"1.0.150",
"1.0.180",
"1.0.189",
"1.0.20",
"1.0.126",
"1.0.178",
"1.0.50",
"1.0.157",
"1.0.111",
"1.0.184",
"1.0.120",
"1.0.198",
"1.0.75",
"1.0.74",
"1.0.182",
"1.0.70",
"1.0.55",
"1.0.185",
"1.0.173",
"1.0.51",
"1.0.21",
"1.0.36",
"1.0.133",
"1.0.58",
"1.0.149",
"1.0.10",
"1.0.42",
"1.0.52",
"1.0.112",
"1.0.80",
"1.0.67",
"1.0.57",
"1.0.49",
"1.0.31",
"1.0.39",
"1.0.1",
"1.0.162",
"1.0.199",
"1.0.127",
"1.0.14"
]
},
{
"id": "RLUA-2024-07709",
"import_time": "2024-10-24T00:58:40.363414694Z",
"modified_time": "2024-10-16T13:48:18Z",
"sha256": "4b3abb1983f361cc091f94838ba160e51bc2a5ea98d93c7f41816bb14bedcb75",
"source": "reversing-labs"
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n",
"id": "MAL-2024-4606",
"modified": "2024-10-24T01:01:57Z",
"published": "2024-06-25T13:30:41Z",
"references": [
{
"type": "ARTICLE",
"url": "https://www.reversinglabs.com/blog/malicious-nuget-campaign-uses-homoglyphs-and-il-weaving-to-fool-devs"
}
],
"schema_version": "1.5.0",
"summary": "Malicious code in OtpCsharp (NuGet)"
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…