EUVD-2022-0073

Malicious code in bioql PyPI...

CVE-2022-41380

The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

Democritus Project d8s-yaml Code Execution Vulnerability

Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A code execution vulnerability exists in Democritus Project d8s-yaml version 0.1.0, which stems from the presence of a potential code execution package democritus-file-syste...

d8s-archives (>=0.2.0 <=0.7.0), d8s-asns (>=0.2.0 <=0.7.0) +13 more potentially affected by CVE-2022-42041 via d8s-file-system (=0.10.0)

d8s-file-system PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on d8s-file-system and may be impacted: - d8s-archives =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0,...

PYSEC-2022-43034

The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

PYSEC-2022-43039

The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

Code injection

The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

Democritus Project 代码问题漏洞

Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A code execution vulnerability exists in Democritus Project d8s-yaml version 0.1.0, which stems from the presence of a potential code execution package democritus-file-syste...

CVE-2022-41380

The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

CVE-2022-41380

The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

PT-2022-25831 · D8S-Yaml +1 · D8S-Yaml +1

Name of the Vulnerable Software and Affected Versions: d8s-yaml version 0.1.0 Description: The d8s-yaml package for Python contains a potential code-execution backdoor. This backdoor is attributed to the democritus-file-system package, which was inserted by a third party. Recommendations: For...

d8s-archives (=0.1.0), d8s-json (=0.1.0) +4 more potentially affected by unknown CVE via democritus-file-system (=2021.1.2701)

democritus-file-system PYPI version =2021.1.2701 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-file-system and may be impacted: - d8s-archives =0.1.0 - d8s-json =0.1.0 - d8s-pdfs =0.1.0 - d8s-urls =0.1.0 - d8s-utility =0.1.0 - d8s-yaml...