levibes (>=0.1.0 <=0.1.1) potentially affected by unknown CVE via gratient (=0.4.0)

gratient PYPI version =0.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on gratient and may be impacted: - levibes =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory: OSV:GHSA-XM4R-5RJ9-2PG3...

GHSA-XM4R-5RJ9-2PG3 gratient 0.5 contains credential harvesting code

gratient is a user-facing library for generating color gradients of text. Version 0.5 contained obfuscated, malicious code targeting Windows platforms, harvesting information and credentials from the user's system and sending them to a remote server. Services may include Mullvad VPN and Telegram...

PT-2024-40533 · Microsoft +2 · Windows +2

Name of the Vulnerable Software and Affected Versions: gratient version 0.5 Description: The issue concerns a user-facing library used for generating color gradients of text, which contained obfuscated, malicious code in version 0.5. This malicious code targets Windows platforms, harvesting...

PYSEC-2024-1 gratient 0.5 contains credential harvesting code

gratient is a user-facing library for generating color gradients of text. Version 0.5 contained obfuscated, malicious code targeting Windows platforms, harvesting information and credentials from the user's system and sending them to a remote server. Services may include Mullvad VPN and Telegram...

levibes (>=0.1.0 <=0.1.1) potentially affected by unknown CVE via gratient (=0.4.0)

gratient PYPI version =0.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on gratient and may be impacted: - levibes =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory: OSV:PYSEC-2024-1...

gratient 0.5 contains credential harvesting code

gratient is a user-facing library for generating color gradients of text.Version 0.5 contained obfuscated, malicious code targetingWindows platforms, harvesting information and credentials from theuser's system and sending them to a remote server.Services may include Mullvad VPN and Telegram...

PT-2024-40896 · Microsoft +2 · Windows +2

Name of the Vulnerable Software and Affected Versions: gratient version 0.5 Description: The issue concerns malicious code embedded in the library, which targets Windows platforms. This code is capable of harvesting information and credentials from the user's system and sending them to a remote...