24 matches found
EUVD-2022-0060
Malicious code in bioql PyPI...
EUVD-2022-0059
Malicious code in bioql PyPI...
CVE-2022-41382
The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
Democritus Project d8s-json Code Execution Vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-json version 0.1.0, which stems from the presence of a potential code execution package democritus-file-system...
PYSEC-2022-43041
The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
PYSEC-2022-43026
The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +9 more potentially affected by CVE-2022-41382 via d8s-json (=0.3.0)
d8s-json PYPI version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-json and may be impacted: - d8s-asns =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-41382 Source advisory:...
PYSEC-2022-43026
The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
CVE-2022-41382
The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
Democritus Project 代码问题漏洞
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-json version 0.1.0, which stems from the presence of a potential code execution package democritus-file-system...
Arbitrary Code Execution
d8s-json is vulnerable to arbitrary code execution. The vulnerability exists because the democritus-strings package of a specific version of d8s-json acts as a potential code execution backdoor which allows an attacker to inject and execute malicious codes in to the system...
CVE-2022-38882
The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
CVE-2022-38882
The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
PYSEC-2022-43078
The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
Code injection
The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
PYSEC-2022-43078
The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
PYSEC-2022-43120
The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
CVE-2022-38882
The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
CVE-2022-38882
The CVE-2022-38882 issue affects the Python package d8s-json distributed on PyPI, with the vulnerable version identified as 0.1.0. Multiple connected sources describe a third-party backdoor in the package, specifically the democritus-strings component, which enables potential remote code executio...
d8s-archives (=0.1.0), d8s-json (=0.1.0) +4 more potentially affected by unknown CVE via democritus-file-system (=2021.1.2701)
democritus-file-system PYPI version =2021.1.2701 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-file-system and may be impacted: - d8s-archives =0.1.0 - d8s-json =0.1.0 - d8s-pdfs =0.1.0 - d8s-urls =0.1.0 - d8s-utility =0.1.0 - d8s-yaml...