advisory-database icon indicating copy to clipboard operation
advisory-database copied to clipboard
verified publisher icon pypa

Description for aiocpa entry is wrong

Open malemburg opened this issue 1 year ago • 2 comments

It reads:

details: | aiocpa is a user-facing library for generating color gradients of text. Version 0.1.13 introduced obfuscated, malicious code targeting Crypto Pay users, forwarding client credentials to a remote Telegram bot. All versions have been removed from PyPI.

The first line should probably read:

aiocpa is a syncronous & asynchronous Crypto Pay API client.

malemburg avatar Dec 09 '24 16:12 malemburg

Here's the source file: https://github.com/pypa/advisory-database/blob/main/vulns/aiocpa/PYSEC-2024-152.yaml

malemburg avatar Dec 09 '24 16:12 malemburg

Yes, that appears to be a copy&paste issue - would you want to open a Pull Request to correct?

miketheman avatar Jan 24 '25 18:01 miketheman