EUVD-2024-0020

Malicious code in bioql PyPI...

CVE-2024-22194

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

Information Leakage

case-utils is vulnerable to Information Leakage. The vulnerability is caused due to improper handling of UUIDs generation within the localuuid function. This could allow an attacker to guess the UUID, resulting in sensitive data exposure...

GHSA-RGRF-6MF5-M882 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0 at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...

cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0 at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...

CVE-2024-22194

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

PYSEC-2024-6

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

case-prov (>=0.7.0 <=0.14.0) potentially affected by CVE-2024-22194 via case-utils (>=0.10.1.post0 <=0.17.0)

case-utils PYPI version =0.10.1.post0, =0.7.0, =0.14.0 Source cves: CVE-2024-22194 Source advisory: OSV:PYSEC-2024-5...

Information disclosure

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

PYSEC-2024-6

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

PYSEC-2024-5

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

PYSEC-2024-5

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

case-mapping (>=0.1.0 <=0.2.1), case-prov (>=0.11.0 <=0.14.0) +1 more potentially affected by CVE-2024-22194 via cdo-local-uuid (=0.5.0)

cdo-local-uuid PYPI version =0.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on cdo-local-uuid and may be impacted: - case-mapping =0.1.0, =0.11.0, =0.15.0, =0.17.0 Source cves: CVE-2024-22194 Source advisory: OSV:PYSEC-2024-6...

CVE-2024-22194

Summary (useful details only) : The CVE-2024-22194 family concerns a vulnerability in the Python-based cdo-local-uuid project, affecting cdo-local-uuid 0.4.0 and unpatched case-utils (0.x.0) up to 0.14.x; patched versions start at case-utils 0.15.0 and cdo-local-uuid 0.5.0. The issue stems from t...

CVE-2024-22194 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

CVE-2024-22194 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

CVE-2024-22194 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

CDO Local UUID Utility Security Vulnerability

The CDO Local UUID Utility is a specialized UUID generation function that enables the program to generate deterministic UUIDs upon user request. A security vulnerability exists in CDO Local UUID Utility prior to version 0.15.0, which stems from an information leakage vulnerability in case-utils...