Lucene search
+L

5 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-45805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an...

7.8CVSS7.3AI score0.00512EPSS
Exploits1References3
vulnersosv
vulnersosv
added 2023/10/20 7:30 p.m.11 views

adam-assist (>=0.1.1 <=0.3.9), adam-core (>=0.3.0 <=0.5.5) +49 more potentially affected by CVE-2023-45805 via pdm (>=1.15.5 <=2.9.3)

pdm PYPI version =1.15.5, =0.1.1, =0.3.0, =0.0.1, =0.1.2, =0.3.5, =2.0.0rc0, =0.1.0, =0.1.2, =0.1.0, =0.2.0, =0.1.5, =0.3.0, =0.1.0, =1.0.28 and more Source cves: CVE-2023-45805 Source advisory: OSV:GHSA-J44V-MMF2-XVM9...

7.8CVSS7.2AI score0.00512EPSS
Exploits1
cvelist
cvelist
added 2023/10/20 6:12 p.m.29 views

CVE-2023-45805 Trojan Lockfilein pdm

pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...

7.8CVSS8AI score0.00512EPSS
Exploits1References5
cve
cve
added 2023/10/20 6:12 p.m.59 views

CVE-2023-45805

CVE-2023-45805 affects the Python tool PDM (dependency manager). A crafted pawns-style lockfile in which a project like foo is targeted with foo-2 and a file foo-2-2.tar.gz can mislead PyPI and PDM into installing a different project than what appears in pyproject.toml, potentially allowing arbit...

7.8CVSS7.7AI score0.00512EPSS
Exploits1References5Affected Software2
circl
circl
added 2023/10/20 7:11 a.m.25 views

CVE-2023-45805

creationtimestamp| type| source ---|---|--- 2023-10-20 07:11:03+00:00| published-proof-of-concept| https://github.com/pdm-project/pdm/security/advisories/GHSA-j44v-mmf2-xvm9 2023-10-20 22:35:21+00:00| seen| https://t.me/cibsecurity/72710...

7.8CVSS7.1AI score0.00512EPSS
Exploits1References2
Rows per page
Query Builder