logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-41380

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-41380

Description:
The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.
Last updated date:
05/15/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/12/2022
Reference url to background

https://github.com/democritus-project/d8s-yaml/issues/4

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy