CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-34065

The Rondolu-YT-Concate package in PyPI v0.1.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://pypi.doubanio.com/simple/request
https://github.com/rondolu/project-yt-concate/issues/1
https://pypi.org/project/rondolu-yt-concate/
http://pypi.doubanio.com/simple/request
https://github.com/rondolu/project-yt-concate/issues/1
https://pypi.org/project/rondolu-yt-concate/

Products affected by CVE-2022-34065

Rondolu-Yt-Concate Project » Rondolu-Yt-Concate » Version: 0.1.0

cpe:2.3:a:rondolu-yt-concate_project:rondolu-yt-concate:0.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-34065

Products

Pricing

Contact Us