Vulnerabilities > CVE-2022-42041 - Unspecified vulnerability in Democritus D8S-File-System 0.1.0

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
democritus
critical
NVD
Published: 2022-10-11
Updated: 2023-08-08

Summary

The d8s-file-system package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0.

Vulnerable Configurations

Part Description Count
Application
Democritus
1

References