CVE-2022-34055

Name of the Vulnerable Software and Affected Versions drxhello version 0.0.1

Description The drxhello package in PyPI was discovered to contain a code execution backdoor via the request package. This issue allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Recommendations For version 0.0.1, consider removing or disabling the drxhello package until a patched version is available. As a temporary workaround, restrict the use of the request package to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.