Name of the Vulnerable Software and Affected Versions d8s-html version 0.1.0

Description The d8s-html for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package.

Recommendations For version 0.1.0, avoid using the democritus-networking package to minimize the risk of exploitation. Consider removing or disabling the democritus-networking package until a safe version of d8s-html is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.