10 matches found

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-0384

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 9.4 · EPSS 0.00719
Exploits: 1 · References: 3
Veracode
added 2022/09/20 11:26 a.m. · 17 views

Remote Code Execution (RCE)

d8s-uuids is vulnerable to remote code execution. The vulnerability exists because the library does not properly handle the package upload mechanism, allowing an attacker to inject and execute malicious packages...

CVSS 9.8 · AI score 9.7 · EPSS 0.00719
Exploits: 1 · References: 3 · Affected Software: 1
ATTACKERKB
added 2022/09/19 3:15 p.m. · 2 views

CVE-2022-40806

The d8s-uuids for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...

CVSS 9.8 · AI score 7.3 · EPSS 0.00719
Exploits: 1 · References: 3
PyPA
added 2022/09/19 3:15 p.m. · 5 views

PYSEC-2022-43103

The d8s-uuids for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...

CVSS 9.8 · AI score 7 · EPSS 0.00719
Exploits: 1 · References: 3 · Affected Software: 1
vulnersOsv
added 2022/09/19 3:15 p.m. · 1 views

d8s-dates (=0.1.0), d8s-dicts (=0.1.0) +5 more potentially affected by unknown CVE via democritus-hypothesis (=2021.1.2101)

democritus-hypothesis PYPI version =2021.1.2101 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-hypothesis and may be impacted: - d8s-dates =0.1.0 - d8s-dicts =0.1.0 - d8s-domains =0.1.0 - d8s-ip-addresses =0.1.0 - d8s-strings =0.1.0 -...

AI score 5.8
Exploits: 0
OSV
added 2022/09/19 3:15 p.m. · 4 views

PYSEC-2022-43103

The d8s-uuids for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...

CVSS 9.8 · AI score 7.2
Exploits: 0 · References: 2
Cvelist
added 2022/09/19 2:51 p.m. · 10 views

CVE-2022-40806

The d8s-uuids for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...

AI score 9.7 · EPSS 0.00719
Exploits: 1 · References: 2
CVE
added 2022/09/19 2:51 p.m. · 51 views

CVE-2022-40806

CVE-2022-40806 affects the Python package d8s-uuids from PyPI (version 0.1.0). The root cause is a backdoor inserted by a third party in the package, tracked across multiple feeds (e.g., Red Hat, NVD, OSV, Veracode). The vulnerability enables remote code execution with a high impact: attacker-co...

CVSS 9.8 · AI score 9.4 · EPSS 0.00719
Exploits: 1 · References: 2 · Affected Software: 1
CNNVD
added 2022/09/19 12:0 a.m. · 1 views

Democritus Project security vulnerability

Democritus Project is a collection of simple, effective, modular, fully tested and well-documented features from Democritus, Inc. A security vulnerability exists in Democritus Project d8s-uuids version 0.1.0 that originates from a potential code execution backdoor inserted by a third party...

CVSS 9.8 · AI score 8.8 · EPSS 0.00719
Exploits: 1 · References: 3
Positive Technologies
added 2022/09/19 12:0 a.m. · 2 views

PT-2022-37366 · Pypi · Democritus-Hypothesis +1

Name of the Vulnerable Software and Affected Versions: d8s-uuids version 0.1.0 Description: The d8s-uuids package for Python, distributed on PyPI, contains a potential code-execution backdoor. This backdoor is attributed to the democritus-hypothesis package, which was inserted by a third party...

CVSS 9.8 · AI score 7
Exploits: 0 · References: 3