4 matches found
cy-ioc-finder (>=7.2.3 <=7.2.13), d8s-archives (>=0.2.0 <=0.7.0) +25 more potentially affected by CVE-2022-42039 via d8s-lists (>=0.3.0 <=0.8.0)
d8s-lists PYPI version =0.3.0, =7.2.3, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.6.0, =0.2.0, =0.2.0, =0.2.0, =0.1.2, =0.2.0, =0.6.0 and more Source cves: CVE-2022-42039 Source advisory: OSV:PYSEC-2022-43027...
CVE-2022-42039
The d8s-lists package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0...
CVE-2022-42039
The d8s-lists package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0...
CVE-2022-42039
The CVE-2022-42039 entry concerns the Python package d8s-lists (PyPI) with a backdoor inserted by a third party: the democritus-dicts package, affecting version 0.1.0. According to connected sources, this allows potential code execution if the compromised package is installed. The CVSSv3.1 base s...