16 matches found
EUVD-2022-0064
Malicious code in bioql PyPI...
Democritus Project d8s-networking code execution vulnerability (CNVD-2022-84125)
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A code execution vulnerability exists in Democritus Project d8s-networking, which stems from the existence of a potential code execution backdoor inserted by a third party i...
CVE-2022-44053
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...
CVE-2022-44053
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43082
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43127
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...
Code injection
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43127
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43082
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...
Democritus Project 代码问题漏洞
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A code execution vulnerability exists in Democritus Project d8s-networking, which stems from the existence of a potential code execution backdoor inserted by a third party i...
PT-2022-37345 · Pypi · D8S-Htm +2
Name of the Vulnerable Software and Affected Versions: d8s-networking affected versions not specified d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-networking package for Python, distributed on PyPI. Another affected package is...
CVE-2022-44053
CVE-2022-44053 affects d8s-networking (Python, PyPI) and its related components, with a backdoor in the third-party democritus-user-agents package. The vulnerability arises from code-execution backdoor present in d8s-networking versions including 0.1.0 (and associated d8s-htm 0.1.0). Impact is de...
PT-2022-37390 · Pypi +2 · D8S-Networking +2
Name of the Vulnerable Software and Affected Versions: d8s-networking affected versions not specified d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-networking package for Python, distributed on PyPI. Another affected package is...
PT-2022-27094 · Pypi · D8S-Networking +2
Name of the Vulnerable Software and Affected Versions: d8s-networking versions 0.1.0 d8s-htm version 0.1.0 Description: The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by...
d8s-asns (=0.1.0), d8s-domains (=0.1.0) +8 more potentially affected by unknown CVE via democritus-user-agents (=2021.1.2101)
democritus-user-agents PYPI version =2021.1.2101 is affected by a known vulnerability. The following packages have a transitive dependency on democritus-user-agents and may be impacted: - d8s-asns =0.1.0 - d8s-domains =0.1.0 - d8s-html =0.1.0 - d8s-ip-addresses =0.1.0 - d8s-mpeg =0.1.0 -...
Malicious Package
Overview democritus-user-agents is a malicious package. This package is used for dependency confusion attempts and contains malicious code. The package now exists as a placeholder on PyPI. Remediation Avoid using all malicious instances of the democritus-user-agents package. References - GitHub...