CVE-2022-38887

CVE-2022-38887 affects the d8s-python package for Python distributed on PyPI. The vulnerability arises from a backdoor inserted by a third party in the democritus-strings package, with the affected version identified as 0.1.0. The NVD/CVE data lists a critical impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:...

CVE-2022-38886

CVE-2022-38886 affects the Python package d8s-xml distributed on PyPI. The vulnerability stems from a third‑party backdoor in the package ecosystem, specifically the democritus-strings package, with the affected release identified as version 0.1.0. This backdoor enables potential remote code exec...

CVE-2022-38885

The d8s-netstrings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

CVE-2022-38885

CVE-2022-38885 concerns the Python package d8s-netstrings (PyPI), where a third-party backdoor in the democritus-strings package affects version 0.1.0. Multiple connected sources describe a potential remote code execution backdoor that could allow an attacker to run arbitrary code on a vulnerable...

CVE-2022-38883

CVE-2022-38883 concerns the Python package d8s-math on PyPI, with the democritus-strings backdoor in version 0.1.0. The vulnerability, as described by multiple sources (NVD/Red Hat/OSV/Veracode/PYSEC advisories), enables potential remote code execution via the package download/upload mechanism, w...

CVE-2022-38882

The CVE-2022-38882 issue affects the Python package d8s-json distributed on PyPI, with the vulnerable version identified as 0.1.0. Multiple connected sources describe a third-party backdoor in the package, specifically the democritus-strings component, which enables potential remote code executio...

CVE-2022-38882

The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

CVE-2022-38881

CVE-2022-38881 affects the Python package d8s-archives distributed on PyPI. The vulnerability is caused by a backdoor (the democritus-strings package) inserted by a third party, with the affected version reported as 0.1.0. Public documents describe potential code execution as the impact and note ...

CVE-2022-40432

The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...

CVE-2022-40426

CVE-2022-40426 concerns the PyPI package d8s-asns (the democritus-networking backdoor) in version 0.1.0. The backdoor inserted by a third party enables potential code execution and is described as a backdoor in the affected Python deployment. The connected records consistently describe a code-exe...

CVE-2022-40425

The CVE-2022-40425 entry refers to the PyPI package d8s-html (Python) where version 0.1.0 bundles a backdoor via the third‑party democritus-networking package. The vulnerability is described as potential remote code execution with a high impact across confidentiality, integrity, and availability ...

CVE-2022-40805

The d8s-urls for python 0.1.0, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-hypothesis package...

CVE-2022-40427

The d8s-domains for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

PYSEC-2022-43103

The d8s-uuids for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...

PYSEC-2022-43104

The d8s-domains for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...

CVE-2022-40431

The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

CVE-2022-40808

CVE-2022-40808 affects the Python package d8s-dates distributed on PyPI, where a third-party backdoor (democritus-hypothesis) in version 0.1.0 enables potential remote code execution. Affected component is the d8s-dates package as shipped; root cause is insertion of a code-execution backdoor by a...

CVE-2022-40805

The d8s-urls for python 0.1.0, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-hypothesis package...

CVE-2022-40424

The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-networking package. The affected version of d8s-urls is 0.1.0...

CVE-2022-38880

The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The affected version is 0.1.0...