Name of the Vulnerable Software and Affected Versions d8s-python version 0.1.0

Description The issue concerns a potential code-execution backdoor inserted by a third party into the d8s-python package distributed on PyPI. This backdoor is related to the democritus-strings package.

Recommendations For version 0.1.0, avoid using the d8s-python package until a patched version is available. As a temporary workaround, consider removing or restricting access to the democritus-strings package to minimize the risk of exploitation.