Vulnerabilities > CVE-2022-34064 - Unspecified vulnerability in Zibal Project Zibal 1.0.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

zibal-project

NVD

Published: 2022-06-24

Updated: 2022-07-06

Summary

The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Vulnerable Configurations

Part	Description	Count
Application	Zibal_Project Zibal Project Zibal 1.0.0	1

References

https://pypi.org/project/zibal/
http://pypi.doubanio.com/simple/request