CVE-2023-31543
- Reference to the description:
- Description:
- A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server.
- Last updated date:
- 07/10/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/10/2023
- Reference url to background
https://gist.github.com/adeadfed/ccc834440af354a5638f889bee34bafe
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/10/2023
- Reference url to background