44 matches found
d8s-random (=0.6.0), d8s-xml (>=0.2.0 <=0.8.0) potentially affected by CVE-2022-41381 via d8s-utility (=0.8.0)
d8s-utility PYPI version =0.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-utility and may be impacted: - d8s-random =0.6.0 - d8s-xml =0.2.0, =0.8.0 Source cves: CVE-2022-41381 Source advisory: OSV:PYSEC-2022-43031...
PYSEC-2022-43045
The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0...
PYSEC-2022-43033
The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0...
d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +5 more potentially affected by CVE-2022-42036 via d8s-urls (>=0.4.0 <=0.6.0)
d8s-urls PYPI version =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42036 Source advisory: OSV:PYSEC-2022-43030...
d8s-random (=0.6.0), d8s-xml (>=0.2.0 <=0.8.0) potentially affected by CVE-2022-41386 via d8s-utility (=0.8.0)
d8s-utility PYPI version =0.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-utility and may be impacted: - d8s-random =0.6.0 - d8s-xml =0.2.0, =0.8.0 Source cves: CVE-2022-41386 Source advisory: OSV:PYSEC-2022-43032...
d8s-asns (>=0.2.0 <=0.7.0), d8s-xml (>=0.2.0 <=0.8.0) potentially affected by CVE-2022-41385 via d8s-html (>=0.3.0 <=0.6.1)
d8s-html PYPI version =0.3.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-41385 Source advisory: OSV:PYSEC-2022-43025...
d8s-asns (>=0.2.0 <=0.7.0), d8s-domains (>=0.2.0 <=0.6.0) +8 more potentially affected by CVE-2022-42042 via d8s-networking (>=0.3.0 <=0.4.2)
d8s-networking PYPI version =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.8.0 Source cves: CVE-2022-42042 Source advisory: OSV:PYSEC-2022-43028...
PYSEC-2022-43033
The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0...
PYSEC-2022-43045
The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0...
CVE-2022-42043
The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0...
PT-2022-26219 · Pypi · D8S-Xml +1
Name of the Vulnerable Software and Affected Versions: d8s-xml version 0.1.0 Description: The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. Recommendations: For version 0.1.0...
Democritus Project 代码问题漏洞
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A code execution vulnerability exists in Democritus Project d8s-xml version 0.1.0, which stems from the presence of a potential code execution package democritus-html insert...
CVE-2022-42043
The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0...
Remote Code Execution (RCE)
d8s-xml is vulnerable to remote code execution. The vulnerability exists because the library does not properly handle the package upload mechanism, allowing an attacker to inject and execute malicious packages...
CVE-2022-38886
The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
PYSEC-2022-43124
The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
PYSEC-2022-43092
The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
PYSEC-2022-43092
The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
PYSEC-2022-43124
The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
CVE-2022-38886
CVE-2022-38886 affects the Python package d8s-xml distributed on PyPI. The vulnerability stems from a third‑party backdoor in the package ecosystem, specifically the democritus-strings package, with the affected release identified as version 0.1.0. This backdoor enables potential remote code exec...