CVE-2023-31543
Affected software: pipreqs. Vulnerability: dependency confusion allows remote code execution by uploading a crafted PyPI package to the chosen repository server. Affected versions: v0.3.0 through v0.4.11. Root cause: dependency confusion in package resolution leading to arbitrary code execution. ...