Name of the Vulnerable Software and Affected Versions d8s-htm version 0.1.0 democritus-domains (affected versions not specified)

Description A potential code-execution backdoor was inserted by a third party into the d8s-urls for python distributed on PyPI. The democritus-domains package also contains a potential code execution backdoor inserted by third parties.

Recommendations For d8s-htm version 0.1.0, avoid using this version until a patched version is available. For democritus-domains, restrict its use to minimize the risk of exploitation until more information is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.