26 matches found
EUVD-2022-0098
Malicious code in bioql PyPI...
CVE-2022-38792
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
`exotel` project on PyPI compromised, malicious release made
The exotel project on PyPI was taken over via user account compromise via a phishing attack and a new malicious release made which contained code which some environment variables and downloaded and ran malware at install time...
GHSA-X6XG-3FJ2-4PQ3 `exotel` project on PyPI compromised, malicious release made
The exotel project on PyPI was taken over via user account compromise via a phishing attack and a new malicious release made which contained code which some environment variables and downloaded and ran malware at install time...
elastalert2 (>=2.0.2 <=2.29.0) potentially affected by unknown CVE via exotel (=0.1.5)
exotel PYPI version =0.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on exotel and may be impacted: - elastalert2 =2.0.2, =2.29.0 Source cves: unknown CVE Source advisory: OSV:GHSA-X6XG-3FJ2-4PQ3...
PT-2024-40522 · Pypi · Exotel
Name of the Vulnerable Software and Affected Versions: Exotel affected versions not specified Description: The issue concerns a compromise of the Exotel project on PyPI through a phishing attack, leading to a malicious release that downloads and runs malware during installation. This affects...
elastalert2 (>=2.0.2 <=2.29.0) potentially affected by CVE-2022-38792 via exotel (=0.1.5)
exotel PYPI version =0.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on exotel and may be impacted: - elastalert2 =2.0.2, =2.29.0 Source cves: CVE-2022-38792 Source advisory: OSV:GHSA-CV6J-9835-P7FH...
exotel-py includes code execution backdoor inserted by a third party
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party. Users should downgrade to version 0.1.5 to avoid the problem...
GHSA-CV6J-9835-P7FH exotel-py includes code execution backdoor inserted by a third party
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party. Users should downgrade to version 0.1.5 to avoid the problem...
CVE-2022-38792
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
CVE-2022-38792
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
CVE-2022-38792
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
elastalert2 (>=2.0.2 <=2.29.0) potentially affected by CVE-2022-38792 via exotel (=0.1.5)
exotel PYPI version =0.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on exotel and may be impacted: - elastalert2 =2.0.2, =2.29.0 Source cves: CVE-2022-38792 Source advisory: OSV:PYSEC-2022-43134...
PYSEC-2022-43134
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
Code injection
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
PYSEC-2022-43134
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
CVE-2022-38792
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
CVE-2022-38792
CVE-2022-38792 : The exotel (exotel-py) package on PyPI up to version 0.1.6 includes a code execution backdoor inserted by a third party. Exploitation details are not provided in the available documents. A remediation is to downgrade to version 0.1.5. The vulnerability has a high impact score (CV...
CVE-2022-38792
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
CVE-2022-38792
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...