EUVD-2022-0065

Malicious code in bioql PyPI...

EUVD-2022-0078

Malicious code in bioql PyPI...

CVE-2022-40431

The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

CVE-2022-40812

The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

CVE-2022-41387

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

d8s-archives (>=0.2.0 <=0.7.0), d8s-asns (>=0.2.0 <=0.7.0) +13 more potentially affected by CVE-2022-42041 via d8s-file-system (=0.10.0)

d8s-file-system PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-file-system and may be impacted: - d8s-archives =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0,...

d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +5 more potentially affected by CVE-2022-42036 via d8s-urls (>=0.4.0 <=0.6.0)

d8s-urls PYPI version =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42036 Source advisory: OSV:PYSEC-2022-43030...

PYSEC-2022-43050

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

Code injection

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +8 more potentially affected by CVE-2022-42042 via d8s-networking (>=0.3.0 <=0.4.2)

d8s-networking PYPI version =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42042 Source advisory: OSV:PYSEC-2022-43028...

PYSEC-2022-43029

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

Democritus Project 代码问题漏洞

Democritus Project is a collection of simple, effective, modular, fully tested and well-documented features from Democritus. A security vulnerability exists in Democritus Project d8s-pdfs that originates from the distribution of the package containing a potential code execution backdoor inserted ...

PT-2022-25838 · Pypi · D8S-Pdfs +1

Name of the Vulnerable Software and Affected Versions: d8s-pdfs version 0.1.0 Description: The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. Recommendations: For version...

CVE-2022-41387

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

CVE-2022-40812

The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

CVE-2022-40431

The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

PYSEC-2022-43099

The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

PYSEC-2022-43099

The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

d8s-archives (=0.1.0), d8s-json (=0.1.0) +4 more potentially affected by unknown CVE via democritus-file-system (=2021.1.2701)

democritus-file-system PYPI version =2021.1.2701 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-file-system and may be impacted: - d8s-archives =0.1.0 - d8s-json =0.1.0 - d8s-pdfs =0.1.0 - d8s-urls =0.1.0 - d8s-utility =0.1.0 - d8s-yaml...

d8s-asns (=0.1.0), d8s-domains (=0.1.0) +8 more potentially affected by unknown CVE via democritus-json (=2021.1.2501)

democritus-json PYPI version =2021.1.2501 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-json and may be impacted: - d8s-asns =0.1.0 - d8s-domains =0.1.0 - d8s-html =0.1.0 - d8s-ip-addresses =0.1.0 - d8s-mpeg =0.1.0 - d8s-networking =0.1.0 ...