Arbitrary Code Execution
bin-collect is vulnerable to arbitrary code execution. The vulnerability exists due to incomplete deletion of some packages getting installed from pypi.doubanio.com creating a malicious back door which allows an attacker to inject and execute arbitrary codes...