9 matches found
EUVD-2022-0395
Malicious code in bioql PyPI...
CVE-2022-40431
The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...
Arbitrary Code Execution
d8sipaddresses is vulnerable to arbitrary code execution. The vulnerability exists because the democritus-networking package of a specific version of d8s-archives acts as a potential code execution backdoor which allows an attacker to inject and execute malicious codes in to the system...
CVE-2022-40426
CVE-2022-40426 concerns the PyPI package d8s-asns (the democritus-networking backdoor) in version 0.1.0. The backdoor inserted by a third party enables potential code execution and is described as a backdoor in the affected Python deployment. The connected records consistently describe a code-exe...
CVE-2022-40425
The CVE-2022-40425 entry refers to the PyPI package d8s-html (Python) where version 0.1.0 bundles a backdoor via the third‑party democritus-networking package. The vulnerability is described as potential remote code execution with a high impact across confidentiality, integrity, and availability ...
CVE-2022-40429
The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...
CVE-2022-40424
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-networking package. The affected version of d8s-urls is 0.1.0...
PT-2022-37375 · Unknown +1 · Democritus-Networking +1
Name of the Vulnerable Software and Affected Versions: d8s-asns version 0.1.0 Description: The d8s-asns package for Python contains a potential code-execution backdoor. This backdoor is attributed to the democritus-networking package, which was inserted by a third party. Recommendations: For...
PT-2022-25377 · Unknown +1 · Democritus-Networking +1
Name of the Vulnerable Software and Affected Versions: d8s-mpeg version 0.1.0 Description: The d8s-mpeg for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. Recommendations: For version 0.1.0...