PT-2022-25544 · Pypi · Democritus-Hypothesis+1

Di1L0O · Published: 2022-09-19 · Updated: 2022-09-21 · CVE-2022-40805

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

d8s-urls version 0.1.0
democritus-hypothesis (affected versions not specified)

Description

A potential code-execution backdoor was inserted by a third party in the d8s-urls package for Python, distributed on PyPI. Additionally, the democritus-hypothesis package also contains a potential code-execution backdoor inserted by third parties.

Recommendations

For d8s-urls version 0.1.0, consider removing or avoiding the use of this version due to the potential code-execution backdoor. For democritus-hypothesis, as the affected versions are not specified, it is recommended to exercise caution when using this package and to monitor for any updates or advisories regarding the potential code-execution backdoor. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
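
One way to act on the recommendation, as an added example that is not part of the original advisory: a checker that flags the two packages named above in a requirements file and in the current Python environment. The function names, the sample requirements text and the 1.2.3 pin are constructed for illustration; versions are compared as exact strings.

```python
import re
from importlib import metadata

# From the advisory. None = affected versions not specified, so flag any version.
ADVISORY = {"d8s-urls": {"0.1.0"}, "democritus-hypothesis": None}

# name, optional [extras], optional "==version" pin
REQ = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(?:==\s*([^\s;#]+))?")

def normalize(name):
    """PEP 503: compare names case-insensitively, treating -, _ and . alike."""
    return re.sub(r"[-_.]+", "-", name).lower()

def is_flagged(name, version):
    """True on an advisory match. version None (unpinned) is flagged too,
    because an unpinned requirement may resolve to an affected release."""
    key = normalize(name)
    if key not in ADVISORY:
        return False
    affected = ADVISORY[key]
    return affected is None or version is None or version in affected

def scan_requirements(text):
    """Return (line_no, normalized_name, pinned_version) for matching lines."""
    hits = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        match = REQ.match(line)
        if match and is_flagged(match.group(1), match.group(2)):
            hits.append((no, normalize(match.group(1)), match.group(2)))
    return hits

def scan_installed():
    """Return (name, version) for matching distributions in this environment."""
    hits = set()
    for dist in metadata.distributions():
        name = dist.metadata.get("Name")
        if name and is_flagged(name, dist.version):
            hits.add((normalize(name), dist.version))
    return sorted(hits)

# Constructed sample requirements file (1.2.3 is a made-up pin).
SAMPLE = """\
requests==2.31.0
D8S_Urls==0.1.0   # spelled differently, same project after normalization
democritus.hypothesis[extra]==1.2.3
"""

if __name__ == "__main__":
    print(scan_requirements(SAMPLE), scan_installed())
```

A release that the checker does not flag is only one the advisory does not list; the advisory reports no known fixed version.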

Related Identifiers

CVE-2022-40805

Affected Products

D8S-Urls
Democritus-Hypothesis