43 matches found
CVE-2022-0338
Insertion of Sensitive Information into Log File in Conda loguru prior to 0.5.3...
MAL-2025-192435 Malicious code in loguru-utf8 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e20933ac001bbe12fd7962f9e12208f3224c836f3deba7669a649165232e0b78 Package clones a popular package loguru, jsonschema, .... While it claims to have some additional features, the real change is an added compiled native library...
EUVD-2025-202464
Malicious code in loguru-utf8 PyPI...
Malicious code in loguru-utf8 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e20933ac001bbe12fd7962f9e12208f3224c836f3deba7669a649165232e0b78 Package clones a popular package loguru, jsonschema, .... While it claims to have some additional features, the real change is an added compiled native library...
MAL-2025-191783 Malicious code in logguru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...
Malicious code in logguru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...
EUVD-2022-0146
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-0338
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insertion of Sensitive Information into Log File in Conda loguru prior to 0.5.3. CVE-2022-0338 Note that Nessus relies on the presence of the package as reporte...
MAL-2025-25559 Malicious code in loguru (npm)
The package loguru was found to contain malicious code...
Malicious code in loguru (npm)
The package loguru was found to contain malicious code...
Malicious code in flashsimplelogger (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8c4753ee44e481f1f689cfaeddcddaef8dcdf86fbb1db19b3fe0acc2fadac305 It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...
Malicious code in loggerex (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7a27ca3e673f54a1e041d55e84b8a0e871239df2331c9a3fd1dbe20d1fa86f56 It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...
Malicious Package
Overview loquru is a malicious package. This package contains a malicious code and uses "typosquatting" to bait unaware users to install it. The malicious loquru package pretends to be the popular loguru library. It hides malicious code within a string of whitespace, which is executed upon import...
MAL-2025-191784 Malicious code in loquru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a98209ec0f506986521ebd7b24de4f266f6bb61aba50f2dc511c391f1037848b It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...
Malicious code in loquru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a98209ec0f506986521ebd7b24de4f266f6bb61aba50f2dc511c391f1037848b It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...
python311-loguru-0.7.2-2.5 on GA media (moderate)
python311-loguru-0.7.2-2.5 on GA media Announcement ID: openSUSE-SU-2025:15097-1 Rating: moderate Cross-References: CVE-2022-0329 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
OPENSUSE-SU-2025:15097-1 python311-loguru-0.7.2-2.5 on GA media
These are all security issues fixed in the python311-loguru-0.7.2-2.5 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12250-1 python310-loguru-0.6.0-1.1 on GA media
These are all security issues fixed in the python310-loguru-0.6.0-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2022-0338
Insertion of Sensitive Information into Log File in Conda loguru prior to 0.5.3...
Withdrawn: Code Injection in loguru
Withdrawn This advisory has been withdrawn after the maintainers of loguru noted this issue is not a security vulnerability and the CVE has been revoked. We have stopped Dependabot alerts regarding this issue. Original Description In versions of loguru up to and including 0.5.3 a lack of...