17 matches found
EUVD-2022-0378
Malicious code in bioql PyPI...
CVE-2022-44051
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...
Democritus Project d8s-stats Code Execution Vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. democritus Project d8s-stats version 0.1.0 contains a security vulnerability stemming from the presence of a potential code execution backdoor inserted by a third party in t...
CVE-2022-44051
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...
CVE-2022-44051
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43109
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43086
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43086
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43109
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...
PT-2022-37372 · Pypi · D8S-Htm +2
Name of the Vulnerable Software and Affected Versions: d8s-stats version 0.1.0 d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-stats package for python distributed on PyPI. Another affected package is democritus-math...
PT-2022-27092 · D8S-Htm +2 · D8S-Htm +2
Name of the Vulnerable Software and Affected Versions: d8s-htm version 0.1.0 democritus-math affected versions not specified Description: A potential code-execution backdoor was inserted by a third party into the d8s-stats for python distributed on PyPI. The democritus-math package also contains ...
Democritus Project 代码问题漏洞
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. democritus Project d8s-stats version 0.1.0 contains a security vulnerability stemming from the presence of a potential code execution backdoor inserted by a third party in t...
PT-2022-37349 · Pypi · D8S-Htm +2
Name of the Vulnerable Software and Affected Versions: d8s-stats version 0.1.0 d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-stats package for python distributed on PyPI. Another affected package is democritus-math...
CVE-2022-44051
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...
CVE-2022-44051
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...
Malicious Package
Overview democritus-math is a malicious package. This package is used for dependency confusion attempts and contains malicious code. The package now exists as a placeholder on PyPI. Remediation Avoid using all malicious instances of the democritus-math package. References - GitHub Issue - GitHub...
d8s-stats (=0.1.0) potentially affected by unknown CVE via democritus-math (=2021.1.2801)
democritus-math PYPI version =2021.1.2801 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-math and may be impacted: - d8s-stats =0.1.0 Source cves: unknown CVE Source advisory: SNYK:PYTHON-DEMOCRITUSMATH-8400834...