gem · Malicious package advisory
Malwaremicrosoft_kiota_http
MAL-2023-11
Malicious code in microsoft_kiota_http (RubyGems)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: ossf-package-analysis (1aea1a60f074d92d58e8e1644f08af16097bc4fc496a7acc2b60f586ce504017) The OpenSSF Package Analysis project identified 'microsoft_kiota_http' @ 6.0.1 (rubygems) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity.
Compromised versions (1)
- 6.0.1
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.