5 matches found
Malicious code in pycord-slash (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-5671 Malicious code in pycord-slash (PyPI)
--- -= Per source details. Do not edit below this line.=-...
aa-market-manager (>=0.5.0a0 <=0.6.5a0), freem-bots (>=0.7.0 <=0.20.0) +5 more potentially affected by CVE-2022-36024 via py-cord (>=2.0.0 <=2.0.0rc1)
py-cord PYPI version =2.0.0, =0.5.0a0, =0.7.0, =0.1.0, =0.2.1 - marsbots-eden =0.1.0 - music-cord =2.0.2 - pycord-paging =1.0.0 - pydrocsid =2.2.0 Source cves: CVE-2022-36024 Source advisory: OSV:PYSEC-2022-43146...
GHSA-QMHJ-M29V-GVMR Bots using py-cord as Discord API wrapper are vulnerable to shutdowns through remote code execution
Impact py-cord is a an API wrapper for Discord written in Python. Bots using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
Pycord 安全漏洞
Pycord is a modern, easy-to-use, feature-rich, asynchronous-ready API wrapper open-sourced by Pycord Development. A security vulnerability exists in Pycord versions prior to 2.0.1 that stems from allowing a user to remotely shut down a bot running on pycord by adding it to a discordant server wit...