mal-2026-6724
Vulnerability from ossf_malicious_packages
Published
2026-07-01 21:08
Modified
2026-07-01 22:04
Summary
Malicious code in starlette-healthcheck (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (45d8da59826f5074d5b65d3b4733a4da6e7ce20167db9c14f7004e5fb7abe273)

The package presents itself as an ASGI healthcheck/request-logging utility, but its advertised configure_logging() helper (exposed from the top-level `__init__.py`) spawns a background thread that POSTs JSON to a hardcoded Azure Container Apps host at ca-fusion-dev-collector.victorioussmoke-2f009910.uksouth.azurecontainerapps.io. On invocation it (1) iterates os.environ and emits one record per environment variable name (values masked, but the key set discloses the deployment's secret/service layout — AWS_*, DB_*, vendor tokens, internal infra names), (2) resolves the host's public IP via checkip.amazonaws.com, and (3) sends the machine hostname. None of this is documented in the README or package metadata; the destination is author-controlled, with a default API key embedded in the client and an undocumented LOG_ENDPOINT override. The middleware code itself is a trivial local request-timing logger that does not require any of this telemetry. Author metadata is a generic alias ("ForbiddenFruit") with no homepage. The name is also a plausible-utility name in the ASGI healthcheck space, increasing the chance of incidental adoption.
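As an added triage example (not code from the advisory, from Amazon Inspector, or from the package itself), the script below turns the details above into checks a responder can run: it compares a downloaded artifact's SHA-256 against the package_integrity hashes the advisory lists for 1.3.0, reports whether an affected version is installed in the current interpreter, and greps a source tree for the indicators the advisory names (the collector host, checkip.amazonaws.com, the LOG_ENDPOINT override, and os.environ enumeration next to a background thread). The fixture strings at the bottom are constructed for this example and are not the package's code; the "match / suspicious / clean" thresholds in classify() are this example's own choice, not something the advisory defines.

```python
"""Triage helper for MAL-2026-6724 (starlette-healthcheck on PyPI).

Added example; not code from the advisory, Amazon Inspector or the package.
Indicator strings, versions and artifact hashes are copied from the advisory;
the fixture text at the bottom is constructed for this example only.
"""
import hashlib
import re
from importlib import metadata
from pathlib import Path
from typing import Dict, List, Optional

PACKAGE = "starlette-healthcheck"
AFFECTED_VERSIONS = {"1.2.0", "1.3.0", "1.3.1"}  # "versions" in the advisory

# sha256 -> filename, from the advisory's package_integrity block. Only the
# 1.3.0 artifacts are hashed on the page; 1.2.0 / 1.3.1 have no hashes there.
KNOWN_BAD_SHA256 = {
    "19ac6a18904b6d83ea8e5cd5778b095e80e0bf2e0a5f3af722eaa063ed0c39ce":
        "starlette_healthcheck-1.3.0-py3-none-any.whl",
    "28b131ce46e9b37a41cec26b13f41b37c5444dfc1c6f7a04e5c143fe9566a4a3":
        "starlette_healthcheck-1.3.0.tar.gz",
}

# Behavioural / network indicators named in the advisory text.
IOC_PATTERNS = {
    "collector_host": re.compile(
        r"ca-fusion-dev-collector\.victorioussmoke-2f009910\.uksouth\.azurecontainerapps\.io"),
    "azure_container_apps": re.compile(r"\.azurecontainerapps\.io\b"),
    "public_ip_lookup": re.compile(r"checkip\.amazonaws\.com"),
    "endpoint_override": re.compile(r"\bLOG_ENDPOINT\b"),
    "env_enumeration": re.compile(r"\bos\.environ\b"),
    "background_thread": re.compile(r"\bthreading\.Thread\("),
}


def sha256_of_bytes(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_artifact_bytes(data: bytes) -> Optional[str]:
    """Advisory filename if `data` is one of the listed 1.3.0 artifacts, else None."""
    return KNOWN_BAD_SHA256.get(sha256_of_bytes(data))


def is_affected(name: str, version: str) -> bool:
    """Normalise the distribution name the way pip does before comparing."""
    return name.lower().replace("_", "-") == PACKAGE and version in AFFECTED_VERSIONS


def installed_affected_version() -> Optional[str]:
    """Version of starlette-healthcheck in this interpreter, if it is an affected one."""
    try:
        version = metadata.version(PACKAGE)
    except metadata.PackageNotFoundError:
        return None
    return version if version in AFFECTED_VERSIONS else None


def scan_source(text: str) -> Dict[str, List[int]]:
    """Map each matching indicator to the 1-based line numbers where it occurs."""
    hits: Dict[str, List[int]] = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        for name, pattern in IOC_PATTERNS.items():
            if pattern.search(line):
                hits.setdefault(name, []).append(lineno)
    return hits


def classify(hits: Dict[str, List[int]]) -> str:
    """Example thresholds (this script's own choice): exact host => match;
    two network indicators, or env enumeration plus a thread => suspicious."""
    if "collector_host" in hits:
        return "match"
    network = {"azure_container_apps", "public_ip_lookup", "endpoint_override"}
    if len(network.intersection(hits)) >= 2 or {"env_enumeration", "background_thread"}.issubset(hits):
        return "suspicious"
    return "clean"


def scan_tree(root: Path) -> Dict[str, Dict[str, List[int]]]:
    """scan_source over every .py file below root (a site-packages dir or an unpacked sdist)."""
    report: Dict[str, Dict[str, List[int]]] = {}
    for py in sorted(root.rglob("*.py")):
        hits = scan_source(py.read_text(errors="replace"))
        if hits:
            report[str(py.relative_to(root))] = hits
    return report


# Constructed fixtures for this example; deliberately NOT the package's real code.
CONSTRUCTED_SUSPECT = "\n".join([
    "import os, threading",
    'HOST = "ca-fusion-dev-collector.victorioussmoke-2f009910.uksouth.azurecontainerapps.io"',
    'ENDPOINT = os.environ.get("LOG_ENDPOINT", "https://" + HOST)',
    "names = sorted(os.environ)",
    'IP_LOOKUP = "https://checkip.amazonaws.com"',
    "threading.Thread(target=print, daemon=True).start()",
])
CONSTRUCTED_BENIGN = "\n".join([
    "import time",
    "def elapsed(start): return time.perf_counter() - start",
])

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        root = Path(sys.argv[1])
        for path, hits in scan_tree(root).items():
            print(f"{classify(hits):10} {path}: {hits}")
        for artifact in list(root.glob("*.whl")) + list(root.glob("*.tar.gz")):
            verdict = check_artifact_bytes(artifact.read_bytes()) or "hash not listed in advisory"
            print(f"{artifact.name}: {verdict}")
    else:
        print("constructed fixture:", classify(scan_source(CONSTRUCTED_SUSPECT)))
    print("installed affected version:", installed_affected_version())
```

Run it as `python triage.py /path/to/site-packages` (or the directory holding a downloaded wheel/sdist). Two caveats follow from the advisory itself: only the 1.3.0 artifacts can be hash-matched, since the page gives no hashes for 1.2.0 or 1.3.1, so those versions are caught by the version check and the source indicators; and os.environ enumeration plus a background thread occurs in plenty of legitimate code, so "suspicious" is a prompt to read the file, while only the exact collector host (or a hash hit) is a confirmed match.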

CWE
  • CWE-506 - The product contains code that appears to be malicious in nature.
Credits

{
  "affected": [
    {
      "database_specific": {
        "cwes": [
          {
            "cweId": "CWE-506",
            "description": "The product contains code that appears to be malicious in nature.",
            "name": "Embedded Malicious Code"
          },
          {
            "cweId": "CWE-506",
            "description": "The product contains code that appears to be malicious in nature.",
            "name": "Embedded Malicious Code"
          },
          {
            "cweId": "CWE-506",
            "description": "The product contains code that appears to be malicious in nature.",
            "name": "Embedded Malicious Code"
          }
        ],
        "indicators": {
          "evidence_files": [
            {
              "path": "src/starlette_healthcheck/setup.py",
              "sha256": "e11097b906ce3cd6ee4ac72c6e22587847ea7637329551a5acfe5c7959f75119",
              "tlsh": "4f81739bcd3b9d5207b2951d1c67d259f733430f2a0265a23abc635c2f3983ad0f9698"
            },
            {
              "path": "pyproject.toml",
              "sha256": "3353e4adbf053e66107822c08dedefa1a7ca819183b9eb702d54a1076fecc9f5",
              "tlsh": "7d111c33dbca2d758da21440222d0b00ea22856f320c44f6b3fb821f8a75eba41bd03d"
            }
          ],
          "package_integrity": [
            {
              "filename": "starlette_healthcheck-1.3.0-py3-none-any.whl",
              "hashes": {
                "blake2b_256": "8d9cebae5fb55009cd76f7b48aec5975e803d8f9f0dde4d1ed51b603ef945331",
                "md5": "731ad5f0c6a809a7d96266638173c434",
                "sha256": "19ac6a18904b6d83ea8e5cd5778b095e80e0bf2e0a5f3af722eaa063ed0c39ce"
              }
            },
            {
              "filename": "starlette_healthcheck-1.3.0.tar.gz",
              "hashes": {
                "blake2b_256": "c396281d595352f0d2e37400feff60f96cd4cd8ffc7c76cdc1f86e2545c44bca",
                "md5": "349691c944019a751f4f1cc151435e79",
                "sha256": "28b131ce46e9b37a41cec26b13f41b37c5444dfc1c6f7a04e5c143fe9566a4a3"
              }
            }
          ]
        }
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "starlette-healthcheck"
      },
      "versions": [
        "1.3.0",
        "1.2.0",
        "1.3.1"
      ]
    }
  ],
  "credits": [
    {
      "contact": [
        "inspector-research@amazon.com"
      ],
      "name": "Amazon Inspector",
      "type": "FINDER"
    }
  ],
  "database_specific": {
    "malicious-packages-origins": [
      {
        "id": "IN-MAL-2026-007906",
        "import_time": "2026-07-01T22:02:59.137060856Z",
        "modified_time": "2026-07-01T21:08:27Z",
        "sha256": "45d8da59826f5074d5b65d3b4733a4da6e7ce20167db9c14f7004e5fb7abe273",
        "source": "amazon-inspector",
        "versions": [
          "1.3.0"
        ]
      },
      {
        "id": "IN-MAL-2026-007908",
        "import_time": "2026-07-01T22:02:59.219927831Z",
        "modified_time": "2026-07-01T21:08:43Z",
        "sha256": "672111029a3528c1f0bdd93e7251f563e9994f9e725eacbe498d59e4d07e2314",
        "source": "amazon-inspector",
        "versions": [
          "1.2.0"
        ]
      },
      {
        "id": "IN-MAL-2026-007907",
        "import_time": "2026-07-01T22:02:59.182674058Z",
        "modified_time": "2026-07-01T21:08:35Z",
        "sha256": "9e534fd526f8d46ec03462e3dd7120bdf9871478650e3c4af7ab34d2234b23c6",
        "source": "amazon-inspector",
        "versions": [
          "1.3.1"
        ]
      }
    ]
  },
  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (45d8da59826f5074d5b65d3b4733a4da6e7ce20167db9c14f7004e5fb7abe273)\nThe package presents itself as an ASGI healthcheck/request-logging utility, but its advertised configure_logging() helper (exposed from the top-level __init__.py) spawns a background thread that POSTs JSON to a hardcoded Azure Container Apps host at ca-fusion-dev-collector.victorioussmoke-2f009910.uksouth.azurecontainerapps.io. On invocation it (1) iterates os.environ and emits one record per environment variable name (values masked, but the key set discloses the deployment\u0027s secret/service layout \u2014 AWS_*, DB_*, vendor tokens, internal infra names), (2) resolves the host\u0027s public IP via checkip.amazonaws.com, and (3) sends the machine hostname. None of this is documented in the README or package metadata; the destination is author-controlled, with a default API key embedded in the client and an undocumented LOG_ENDPOINT override. The middleware code itself is a trivial local request-timing logger that does not require any of this telemetry. Author metadata is a generic alias (\"ForbiddenFruit\") with no homepage. The name is also a plausible-utility name in the ASGI healthcheck space, increasing the chance of incidental adoption.\n",
  "id": "MAL-2026-6724",
  "modified": "2026-07-01T22:04:56Z",
  "published": "2026-07-01T21:08:27Z",
  "references": [
    {
      "type": "PACKAGE",
      "url": "https://pypi.org/project/starlette-healthcheck/1.3.0/"
    },
    {
      "type": "PACKAGE",
      "url": "https://pypi.org/project/starlette-healthcheck/1.2.0/"
    },
    {
      "type": "PACKAGE",
      "url": "https://pypi.org/project/starlette-healthcheck/1.3.1/"
    }
  ],
  "schema_version": "1.7.4",
  "summary": "Malicious code in starlette-healthcheck (PyPI)"
}

