Open CSM-BlueRed opened 1 year ago
Hi, what do you mean ? pystyle is referenced as malicious in the different articles about this:
yeah i know, cause a hacker put a line with a module nammed _algoritmic (not the exact name) and we removed it, you can check the pypi logs
Ok, so the package could still be vulnerable if people did not update ?
if people update pystyle, nothing happend, and if people doesnt update pystyle, nothing happend too
So at some point in time there was a version of pystyle which had this vulnerability right ? I can add a specific case for version number, but I think the tool has to report something for pystyle if it was vulnerable
yes if you want
pystyle has not been infected by wasp, and its a hacker that do this in pystyle, we removed the suspect line.