Skip to main content

Pypi

3 CVEs product

Monthly

CVE-2022-34501 CRITICAL Act Now

The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Pypi
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-34500 CRITICAL Act Now

The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Pypi
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-28470 PyPI CRITICAL POC PATCH Act Now

marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pypi
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
EPSS 1% CVSS 9.8
CRITICAL Act Now

The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Pypi
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Pypi
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pypi
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy