15 matches found
EUVD-2022-0376
Malicious code in bioql PyPI...
CVE-2022-43305
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0...
CVE-2022-43305
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0...
CVE-2022-43305
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43084
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43094
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43094
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0...
Code injection
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43084
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0...
PT-2022-26839 · D8S-Htm +2 · D8S-Htm +2
Name of the Vulnerable Software and Affected Versions: d8s-htm version 0.1.0 d8s-python affected versions not specified democritus-algorithms affected versions not specified Description: A potential code-execution backdoor was inserted by a third party in the d8s-python package distributed on PyP...
PT-2022-37347 · Unknown +2 · Democritus-Algorithms +2
Name of the Vulnerable Software and Affected Versions: d8s-htm version 0.1.0 democritus-algorithms affected versions not specified Description: A potential code-execution backdoor was inserted by a third party into the d8s-python package distributed on PyPI. The democritus-algorithms package also...
PT-2022-37357 · Unknown +2 · Democritus-Algorithms +2
Name of the Vulnerable Software and Affected Versions: d8s-htm version 0.1.0 d8s-python affected versions not specified democritus-algorithms affected versions not specified Description: A potential code-execution backdoor was inserted by a third party in the d8s-python package distributed on PyP...
CVE-2022-43305
CVE-2022-43305 concerns the d8s-python package on PyPI, where a third-party backdoor was inserted into the Democritus ecosystem (democritus-algorithms) and is linked to d8s-htm 0.1.0. Connected sources corroborate that the backdoor could enable code execution, with multiple advisories referencing...
CVE-2022-43305
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0...
Malicious Package
Overview democritus-algorithms is a malicious package. This package is used for dependency confusion attempts and contains malicious code. The package now exists as a placeholder on PyPI. Remediation Avoid using all malicious instances of the democritus-algorithms package. References - GitHub Iss...