
9163 matches found

OSSF Malicious Packages
added 2022/08/30 7:36 p.m. | 2 views

Malicious code in ascii2text (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4a161cdfe88252de2eba4185ad1460062afc88659f928121253c995367ace33 Security researchers at Check Point Research discovered a malicious package called ascii2text impersonating the PyPI package art. PyPI has since removed...

7 AI score
Exploits 0 | References 3

CNNVD
added 2022/08/27 12:0 a.m. | 2 views

exotel security vulnerability

exotel is a Python module for Exotel's calls and SMS API. A security vulnerability exists in PyPI exotel package version 0.1.6, which stems from including a code execution backdoor inserted by a third party...

9.8 CVSS | 7.5 AI score | 0.01135 EPSS
Exploits 0 | References 5

PyPA
added 2022/08/26 5:55 p.m. | 4 views

PYSEC-2022-251

The spam project on PyPI was taken over via user account compromise via a phishing attack and a new malicious release made which contained code which some environment variables and downloaded and ran malware at install time...

7.2 AI score
Exploits 0 | References 1 | Affected Software 1

PyPA
added 2022/08/26 5:55 p.m. | 4 views

PYSEC-2022-250

The exotel project on PyPI was taken over via user account compromise via a phishing attack and a new malicious release made which contained code which some environment variables and downloaded and ran malware at install time...

7.2 AI score
Exploits 0 | References 1 | Affected Software 1

OSV
added 2022/07/22 3:15 p.m. | 2 views

CVE-2022-34982

The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party...

9.8 CVSS | 6.2 AI score | 0.01064 EPSS
Exploits 0 | References 3

PyPA
added 2022/07/22 3:15 p.m. | 6 views

PYSEC-2022-242

The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party...

9.8 CVSS | 7.7 AI score | 0.01229 EPSS
Exploits 1 | References 3 | Affected Software 1

OSV
added 2022/06/24 9:15 p.m. | 3 views

CVE-2022-33001

The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8 CVSS | 6.2 AI score
Exploits 0 | References 3

OSV
added 2022/06/24 9:15 p.m. | 2 views

CVE-2022-32999

The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8 CVSS | 6.2 AI score | 0.01896 EPSS
Exploits 1 | References 3

OSV
added 2022/06/24 9:15 p.m. | 2 views

CVE-2022-34053

The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8 CVSS | 6.2 AI score | 0.01896 EPSS
Exploits 1 | References 3

OSV
added 2022/06/24 9:15 p.m. | 2 views

CVE-2022-34056

The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8 CVSS | 6.2 AI score | 0.01896 EPSS
Exploits 1 | References 3

ATTACKERKB
added 2022/06/24 9:15 p.m. | 1 view

CVE-2022-34061

The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8 CVSS | 6.3 AI score | 0.01931 EPSS
Exploits 1 | References 4

ATTACKERKB
added 2022/06/24 9:15 p.m. | 2 views

CVE-2022-34057

The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8 CVSS | 6.3 AI score | 0.01302 EPSS
Exploits 0 | References 3

PyPA
added 2022/06/24 9:15 p.m. | 8 views

PYSEC-2022-43169

The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8 CVSS | 7.9 AI score | 0.01931 EPSS
Exploits 1 | References 4 | Affected Software 1

PyPA
added 2022/06/24 9:15 p.m. | 4 views

PYSEC-2022-216

The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8 CVSS | 8 AI score | 0.01857 EPSS
Exploits 1 | References 3 | Affected Software 1

PyPA
added 2022/06/24 9:15 p.m. | 8 views

PYSEC-2022-43176

The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8 CVSS | 7.9 AI score | 0.01302 EPSS
Exploits 0 | References 2 | Affected Software 1

CNNVD
added 2022/06/24 12:0 a.m. | 2 views

PyPI cloudlabeling security vulnerability

PyPI is a software repository for Python's official third-party software suite from the Python Foundation. cloudlabeling is an API for individual developers to deploy CloudLabeling locally. A security vulnerability exists in the PyPI v0.0.1 version of the cloudlabeling package. An attacker...

9.8 CVSS | 8.4 AI score | 0.01896 EPSS
Exploits 1 | References 4

CNNVD
added 2022/06/24 12:0 a.m. | 5 views

drxhello security vulnerability

drxhello is a pip package for individual developers. A security vulnerability exists in the PyPI v0.0.1 version of the drxhello package. An attacker exploited the vulnerability to access sensitive user information and digital currency keys, as well as to elevate privileges...

9.8 CVSS | 8.4 AI score | 0.01896 EPSS
Exploits 1 | References 4

OSV
added 2022/06/08 8:15 p.m. | 2 views

CVE-2022-30882

pyanxdns package in PyPI version 0.2 is vulnerable to code execution backdoor. The impact is: execute arbitrary code remote. When installing the pyanxdns package of version 0.2, the request package will be installed...

9.8 CVSS | 7.8 AI score | 0.02149 EPSS
Exploits 1 | References 3

OSV
added 2022/06/08 6:15 p.m. | 4 views

CVE-2022-30877

The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2...

9.8 CVSS | 5.8 AI score | 0.02289 EPSS
Exploits 1 | References 3

OSSF Malicious Packages
added 2022/05/31 12:0 a.m. | 3 views

Malicious code in requessts (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 281d687d37b55f2d202f7ae0a8b421b286a71ebd2992bf7608ebe030ec6f8e53 Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...

7.1 AI score
Exploits 0 | References 1