CVE-2022-38885
CVE-2022-38885 concerns the Python package d8s-netstrings (PyPI), where a third-party backdoor in the democritus-strings package affects version 0.1.0. Multiple connected sources describe a potential remote code execution backdoor that could allow an attacker to run arbitrary code on a vulnerable...