45 matches found
EUVD-2022-0067
Malicious code in bioql PyPI...
EUVD-2022-0397
Malicious code in bioql PyPI...
EUVD-2022-0389
Malicious code in bioql PyPI...
EUVD-2022-0383
Malicious code in bioql PyPI...
CVE-2022-40805
The d8s-urls for python 0.1.0, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-hypothesis package...
CVE-2022-44048
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-domains package. The affected version of d8s-htm is 0.1.0...
Democritus Project d8s-urls code execution vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. Democritus Project d8s-urls has a security vulnerability that stems from its inclusion of a potential code execution backdoor inserted by a third party. An attacker could...
PYSEC-2022-43091
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-domains package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43097
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-domains package. The affected version of d8s-htm is 0.1.0...
CVE-2022-44048
CVE-2022-44048 describes a backdoor inserted by a third party into the PyPI distribution d8s-urls for Python, implicating the democritus-domains package. The affected software component includes d8s-htm version 0.1.0. Connected advisories indicate this results in potential code execution and reco...
Democritus Project 代码问题漏洞
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. Democritus Project d8s-urls has a security vulnerability that stems from its inclusion of a potential code execution backdoor inserted by a third party. An attacker could...
CVE-2022-42036
The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...
d8s-archives (>=0.2.0 <=0.7.0), d8s-asns (>=0.2.0 <=0.7.0) +13 more potentially affected by CVE-2022-42041 via d8s-file-system (=0.10.0)
d8s-file-system PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-file-system and may be impacted: - d8s-archives =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0,...
PYSEC-2022-43035
The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...
PYSEC-2022-43030
The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...
d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +8 more potentially affected by CVE-2022-42042 via d8s-networking (>=0.3.0 <=0.4.2)
d8s-networking PYPI version =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42042 Source advisory: OSV:PYSEC-2022-43028...
CVE-2022-42036
CVE-2022-42036 affects the Python package d8s-urls (distributed on PyPI); the 0.1.0 release allegedly contained a third-party injected backdoor named democritus-csv that enables code execution. Multiple connected records (Red Hat, OSV, NVD, PRION, ENISA/EUVD adapters, OSV, PySEC advisories) confi...
CVE-2022-42036
The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...
Democritus Project 代码问题漏洞
Democritus Project is a collection of simple, effective, modular, fully tested and well-documented features from Democritus. A security vulnerability exists in Democritus Project d8s-urls, which arises from the distribution of the package containing a potential code execution backdoor inserted by...
PT-2022-26212 · Pypi · D8S-Urls +1
Name of the Vulnerable Software and Affected Versions: d8s-urls version 0.1.0 Description: The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. Recommendations: For version 0.1....