exploitDog

CVE-2022-44053

Опубликовано: 07 нояб. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0.

Ссылки

https://github.com/dadadadada111/info/issues/17
Issue Tracking
Third Party Advisory
https://pypi.org/project/d8s-networking/
Product
https://pypi.org/project/democritus-user-agents/
Product
https://github.com/dadadadada111/info/issues/17
Issue Tracking
Third Party Advisory
https://pypi.org/project/d8s-networking/
Product
https://pypi.org/project/democritus-user-agents/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:democritus:d8s-networking:0.1.0:*:*:*:*:python:*:*

EPSS

Процентиль: 27%

0.00093

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

GHSA-xxrm-5v3v-6c86

CVSS3: 9.8

github

больше 2 лет назад

The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0.

EPSS

Процентиль: 27%

0.00093

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434