The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2.
References
Link | Resource |
---|---|
http://pypi.doubanio.com/simple/request | Vendor Advisory |
https://github.com/OrkoHunter/keep/issues/85 | Exploit Third Party Advisory |
https://pypi.org/project/keep | Product Vendor Advisory |
Configurations
History
08 Aug 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
Information
Published : 2022-06-08 18:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-30877
Mitre link : CVE-2022-30877
CVE.ORG link : CVE-2022-30877
JSON object : View
Products Affected
keep_project
- keep
CWE