Lucene search
China National Vulnerability DatabaseCNVD-2022-89106HistoryOct 13, 2022 - 12:00 a.m.
Democritus Project d8s-lists code execution vulnerability
2022-10-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
democritus project
d8s-lists
code execution
vulnerability
potential code execution package
third party
pypi
dicts
attacker
remote code execution
cnvd
EPSS
0.005
Percentile
75.6%
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. democritus Project d8s-lists version 0.1.0 is vulnerable to a backdoor vulnerability stemming from the presence of a potential code execution package, democritus-, inserted by a third party, in d8s-lists distributed on PyPI. dicts, which can be exploited by an attacker to remotely execute code.
Related
osv
osv
CVE-2022-42039
2022-10-11 22:15:11
PYSEC-2022-43037
2022-10-11 22:15:00
PYSEC-2022-43027
2022-10-11 22:15:00
cvelist
cvelist
CVE-2022-42039
2022-10-11 00:00:00
prion
prion
Code injection
2022-10-11 22:15:00
nvd
nvd
CVE-2022-42039
2022-10-11 22:15:11
cve
cve
CVE-2022-42039
2022-10-11 22:15:11