CVE-2022-38880

CVE-2022-38880

EPSS 1.0%

The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The affected version is 0.1.0.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/democritus-project/d8s-urls/issues/8 https://pypi.org/project/democritus-strings/