Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:2 a.m.8 views

CVE-2022-44052

The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0...

9.8CVSS7.5AI score0.00991EPSS
Exploits0References1
CNVD
CNVD
added 2022/11/09 12:0 a.m.34 views

Democritus Project d8s-dates code execution vulnerability

Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A security vulnerability exists in Democritus Project d8s-dates, which stems from the existence of a potential code execution backdoor inserted by a third party in the...

9.8CVSS4.2AI score0.00991EPSS
Exploits0References1
OSV
OSV
added 2022/11/07 3:15 p.m.4 views

CVE-2022-44052

The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0...

9.8CVSS6.2AI score0.00991EPSS
Exploits0References3
Prion
Prion
added 2022/11/07 3:15 p.m.21 views

Code injection

The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0...

7.5CVSS9.6AI score0.00991EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2022/11/07 3:15 p.m.8 views

PYSEC-2022-43075

The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0...

9.8CVSS7.6AI score0.00991EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2022/11/07 3:15 p.m.8 views

PYSEC-2022-43126

The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0...

9.8CVSS7.6AI score0.00991EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/11/07 3:15 p.m.4 views

PYSEC-2022-43075

The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0...

9.8CVSS6.3AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/07 12:0 a.m.5 views

PT-2022-37338 · Pypi · D8S-Dates +2

Name of the Vulnerable Software and Affected Versions: d8s-dates version 0.1.0 d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-dates package for python distributed on PyPI. Another affected package is democritus-timezones...

9.8CVSS7.2AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/11/07 12:0 a.m.7 views

CVE-2022-44052

The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0...

9.8AI score0.00991EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/07 12:0 a.m.5 views

PT-2022-27093 · D8S-Htm +1 · D8S-Htm +2

Name of the Vulnerable Software and Affected Versions: d8s-htm version 0.1.0 d8s-dates affected versions not specified democritus-timezones affected versions not specified Description: A potential code-execution backdoor was inserted by a third party in the d8s-dates package for python, distribut...

9.8CVSS9.7AI score0.00991EPSS
Exploits0References7
CVE
CVE
added 2022/11/07 12:0 a.m.49 views

CVE-2022-44052

CVE-2022-44052 concerns the PyPI packaging chain for d8s-dates and its related components. The records indicate a potential code-execution backdoor inserted by a third party in the democritus-timezones package, with d8s-htm version 0.1.0 specifically mentioned as affected. The practical impact is...

9.8CVSS9.7AI score0.00991EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/07 12:0 a.m.9 views

PT-2022-37389 · Pypi · D8S-Dates +2

Name of the Vulnerable Software and Affected Versions: d8s-dates version 0.1.0 d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-dates package for python distributed on PyPI. Another affected package is democritus-timezones...

9.8CVSS7.2AI score
Exploits0References4
CNNVD
CNNVD
added 2022/11/07 12:0 a.m.4 views

Democritus Project 代码问题漏洞

Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A security vulnerability exists in Democritus Project d8s-dates, which stems from the existence of a potential code execution backdoor inserted by a third party in the...

9.8CVSS8AI score0.00991EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/11/07 12:0 a.m.23 views

CVE-2022-44052

The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0...

9.9AI score0.00991EPSS
Exploits0References3
Snyk
Snyk
added 2022/09/19 3:15 p.m.3 views

Malicious Package

Overview democritus-timezones is a malicious package. This package is used for dependency confusion attempts and contains malicious code. The package now exists as a placeholder on PyPI. Remediation Avoid using all malicious instances of the democritus-timezones package. References - GitHub Issue...

9.8CVSS6.9AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/09/19 3:15 p.m.4 views

d8s-dates (=0.1.0) potentially affected by unknown CVE via democritus-timezones (=2021.1.201)

democritus-timezones PYPI version =2021.1.201 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-timezones and may be impacted: - d8s-dates =0.1.0 Source cves: unknown CVE Source advisory: SNYK:PYTHON-DEMOCRITUSTIMEZONES-8400832...

5.8AI score
Exploits0
Rows per page
Query Builder