EUVD-2024-0020

Malicious code in bioql PyPI...

CVE-2024-22194

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0 at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...

GHSA-RGRF-6MF5-M882 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0 at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...

CVE-2024-22194

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

PYSEC-2024-6

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

Information disclosure

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

case-mapping (>=0.1.0 <=0.2.1), case-prov (>=0.11.0 <=0.14.0) +1 more potentially affected by CVE-2024-22194 via cdo-local-uuid (=0.5.0)

cdo-local-uuid PYPI version =0.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on cdo-local-uuid and may be impacted: - case-mapping =0.1.0, =0.11.0, =0.15.0, =0.17.0 Source cves: CVE-2024-22194 Source advisory: OSV:PYSEC-2024-6...

PYSEC-2024-5

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

PYSEC-2024-6

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

PYSEC-2024-5

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

CVE-2024-22194

Summary (useful details only) : The CVE-2024-22194 family concerns a vulnerability in the Python-based cdo-local-uuid project, affecting cdo-local-uuid 0.4.0 and unpatched case-utils (0.x.0) up to 0.14.x; patched versions start at case-utils 0.15.0 and cdo-local-uuid 0.5.0. The issue stems from t...

CVE-2024-22194 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

CVE-2024-22194 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

CVE-2024-22194 cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...