3 matches found
CVE-2022-38883
The d8s-math for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
CVE-2022-38883
creationtimestamp| type| source ---|---|--- 2022-09-19 20:38:10+00:00| seen| https://t.me/cibsecurity/50057...
CVE-2022-38883
CVE-2022-38883 concerns the Python package d8s-math on PyPI, with the democritus-strings backdoor in version 0.1.0. The vulnerability, as described by multiple sources (NVD/Red Hat/OSV/Veracode/PYSEC advisories), enables potential remote code execution via the package download/upload mechanism, w...