26 matches found
EUVD-2022-0394
Malicious code in bioql PyPI...
CVE-2022-42038
The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...
CVE-2022-40810
The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...
Democritus Project d8s-ip Code Execution Vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-ip version 0.1.0, which stems from the presence of a potential code execution package, democritus-csv, inserted by ...
CVE-2022-42038
The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...
d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +8 more potentially affected by CVE-2022-42042 via d8s-networking (>=0.3.0 <=0.4.2)
d8s-networking PYPI version =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42042 Source advisory: OSV:PYSEC-2022-43028...
PYSEC-2022-43077
The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...
PYSEC-2022-43095
The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...
PT-2022-37340 · Pypi · Democritus-Csv +1
Name of the Vulnerable Software and Affected Versions: d8s-ip-addresses version 0.1.0 Description: The d8s-ip-addresses package for Python contains a potential code-execution backdoor. This backdoor is attributed to the democritus-csv package, which was inserted by a third party. Recommendations:...
CVE-2022-42038
The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...
PT-2022-26214 · Pypi · Democritus-Csv +1
Name of the Vulnerable Software and Affected Versions: d8s-ip-addresses version 0.1.0 Description: The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. Recommendations:...
Democritus Project 代码问题漏洞
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-ip version 0.1.0, which stems from the presence of a potential code execution package, democritus-csv, inserted by ...
CVE-2022-40429
The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...
CVE-2022-40429
The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...
PYSEC-2022-43107
The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...
PYSEC-2022-43107
The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...
PYSEC-2022-43115
The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...
d8s-asns (=0.1.0), d8s-domains (=0.1.0) +8 more potentially affected by unknown CVE via democritus-json (=2021.1.2501)
democritus-json PYPI version =2021.1.2501 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-json and may be impacted: - d8s-asns =0.1.0 - d8s-domains =0.1.0 - d8s-html =0.1.0 - d8s-ip-addresses =0.1.0 - d8s-mpeg =0.1.0 - d8s-networking =0.1.0 ...
d8s-dates (=0.1.0), d8s-dicts (=0.1.0) +5 more potentially affected by unknown CVE via democritus-hypothesis (=2021.1.2101)
democritus-hypothesis PYPI version =2021.1.2101 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-hypothesis and may be impacted: - d8s-dates =0.1.0 - d8s-dicts =0.1.0 - d8s-domains =0.1.0 - d8s-ip-addresses =0.1.0 - d8s-strings =0.1.0 -...
d8s-asns (=0.1.0), d8s-domains (=0.1.0) +6 more potentially affected by unknown CVE via democritus-networking (=2023.1.22)
democritus-networking PYPI version =2023.1.22 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-networking and may be impacted: - d8s-asns =0.1.0 - d8s-domains =0.1.0 - d8s-html =0.1.0 - d8s-ip-addresses =0.1.0 - d8s-mpeg =0.1.0 - d8s-pdfs...