CVE-2022-44053

Name of the Vulnerable Software and Affected Versions d8s-networking versions 0.1.0 d8s-htm version 0.1.0

Description The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package.

Recommendations For d8s-networking version 0.1.0, consider removing or avoiding the use of this version until a secure alternative is available. For d8s-htm version 0.1.0, consider removing or avoiding the use of this version until a secure alternative is available. As a temporary workaround, consider disabling the use of the democritus-user-agents package to minimize the risk of exploitation.