34 matches found
EUVD-2022-0395
Malicious code in bioql PyPI...
EUVD-2022-0068
Malicious code in bioql PyPI...
Democritus Project d8s-utility democritus-file-system code execution vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-utility version 0.1.0, which stems from the presence of a potential code execution package democritus-file-system...
Democritus Project d8s-utility democritus-urls code execution vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-utility version 0.1.0, which stems from the presence of a potential code execution package democritus-urls inserted...
CVE-2022-41381
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
PYSEC-2022-43049
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...
PYSEC-2022-43049
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...
d8s-random (=0.6.0), d8s-xml (>=0.2.0 <=0.8.0) potentially affected by CVE-2022-41386 via d8s-utility (=0.8.0)
d8s-utility PYPI version =0.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-utility and may be impacted: - d8s-random =0.6.0 - d8s-xml =0.2.0, =0.8.0 Source cves: CVE-2022-41386 Source advisory: OSV:PYSEC-2022-43032...
d8s-archives (>=0.2.0 <=0.7.0), d8s-asns (>=0.2.0 <=0.7.0) +13 more potentially affected by CVE-2022-42041 via d8s-file-system (=0.10.0)
d8s-file-system PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-file-system and may be impacted: - d8s-archives =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0,...
d8s-random (=0.6.0), d8s-xml (>=0.2.0 <=0.8.0) potentially affected by CVE-2022-41381 via d8s-utility (=0.8.0)
d8s-utility PYPI version =0.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-utility and may be impacted: - d8s-random =0.6.0 - d8s-xml =0.2.0, =0.8.0 Source cves: CVE-2022-41381 Source advisory: OSV:PYSEC-2022-43031...
d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +5 more potentially affected by CVE-2022-42036 via d8s-urls (>=0.4.0 <=0.6.0)
d8s-urls PYPI version =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42036 Source advisory: OSV:PYSEC-2022-43030...
d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +8 more potentially affected by CVE-2022-42042 via d8s-networking (>=0.3.0 <=0.4.2)
d8s-networking PYPI version =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42042 Source advisory: OSV:PYSEC-2022-43028...
PYSEC-2022-43040
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
PYSEC-2022-43032
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...
PYSEC-2022-43031
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
PYSEC-2022-43031
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
PT-2022-25832 · Pypi · Democritus-File-System +1
Name of the Vulnerable Software and Affected Versions: d8s-utility version 0.1.0 Description: The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. Recommendations: Fo...
CVE-2022-41381
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
PT-2022-25837 · Pypi · D8S-Utility +1
Name of the Vulnerable Software and Affected Versions: d8s-utility version 0.1.0 Description: The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. Recommendations: For versi...
Democritus Project 代码问题漏洞
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-utility version 0.1.0, which stems from the presence of a potential code execution package democritus-file-system...