CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-33004

The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://pypi.doubanio.com/simple/request
https://github.com/Dreambuilder4028/coder/issues/1
https://pypi.org/project/beginner/
http://pypi.doubanio.com/simple/request
https://github.com/Dreambuilder4028/coder/issues/1
https://pypi.org/project/beginner/

Products affected by CVE-2022-33004

Pypi » Beginner » Version: Any

cpe:2.3:a:pypi:beginner:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-33004

Products

Pricing

Contact Us