Lucene search
HistoryJul 22, 2022 - 3:15 p.m.
CVE-2022-34981
pycrowdtangle
pypi
code execution
backdoor
security vulnerability
nvd
cve-2022-34981
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.4%
The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.
Affected configurations
Node
pycrowdtangle_projectpycrowdtangleRange0.0.1–0.0.2pypi
| CPE | Name | Operator | Version |
|---|---|---|---|
| pycrowdtangle_project:pycrowdtangle | pycrowdtangle project pycrowdtangle | le | 0.0.2 |
References
Social References
More
Related
veracode
veracode
Remote Code Execution (RCE)
2022-07-25 04:55:43
prion
prion
Code injection
2022-07-22 15:15:00
nvd
nvd
CVE-2022-34981
2022-07-22 15:15:08
cvelist
cvelist
CVE-2022-34981
2022-07-22 14:17:30
osv
osv
PYSEC-2022-242
2022-07-22 15:15:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.4%
Related for CVE-2022-34981