CVE-2022-40425

The d8s-html for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

CVE-2022-41385

The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

Democritus Project d8s-html Code Execution Vulnerability

Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-html version 0.1.0, which stems from the presence of a potential code execution package, democritus-urls, inserted ...

PYSEC-2022-43025

The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

PYSEC-2022-43025

The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

d8s-archives (>=0.2.0 <=0.7.0), d8s-asns (>=0.2.0 <=0.7.0) +13 more potentially affected by CVE-2022-42041 via d8s-file-system (=0.10.0)

d8s-file-system PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-file-system and may be impacted: - d8s-archives =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0,...

d8s-asns (>=0.2.0 <=0.7.0), d8s-xml (>=0.2.0 <=0.8.0) potentially affected by CVE-2022-41385 via d8s-html (>=0.3.0 <=0.6.1)

d8s-html PYPI version =0.3.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-41385 Source advisory: OSV:PYSEC-2022-43025...

d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +8 more potentially affected by CVE-2022-42042 via d8s-networking (>=0.3.0 <=0.4.2)

d8s-networking PYPI version =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42042 Source advisory: OSV:PYSEC-2022-43028...

d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +5 more potentially affected by CVE-2022-42036 via d8s-urls (>=0.4.0 <=0.6.0)

d8s-urls PYPI version =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42036 Source advisory: OSV:PYSEC-2022-43030...

Code injection

The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

PYSEC-2022-43048

The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

CVE-2022-41385

The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

Democritus Project 代码问题漏洞

Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-html version 0.1.0, which stems from the presence of a potential code execution package, democritus-urls, inserted ...

CVE-2022-41385

CVE-2022-41385 affects the Python d8s-html package from PyPI (version 0.1.0). Multiple connected sources confirm a backdoor (democritus-urls) inserted by a third party, creating a potential code execution vector. The root cause is the presence of this backdoor in the distributed package. Document...

PT-2022-25836 · Pypi · D8S-Htm +1

Name of the Vulnerable Software and Affected Versions: d8s-html version 0.1.0 Description: The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. Recommendations: For version...

CVE-2022-40425

The d8s-html for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

PYSEC-2022-43111

The d8s-html for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

PYSEC-2022-43111

The d8s-html for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

CVE-2022-40425

The CVE-2022-40425 entry refers to the PyPI package d8s-html (Python) where version 0.1.0 bundles a backdoor via the third‑party democritus-networking package. The vulnerability is described as potential remote code execution with a high impact across confidentiality, integrity, and availability ...

d8s-asns (=0.1.0), d8s-domains (=0.1.0) +8 more potentially affected by unknown CVE via democritus-json (=2021.1.2501)

democritus-json PYPI version =2021.1.2501 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-json and may be impacted: - d8s-asns =0.1.0 - d8s-domains =0.1.0 - d8s-html =0.1.0 - d8s-ip-addresses =0.1.0 - d8s-mpeg =0.1.0 - d8s-networking =0.1.0 ...