PYSEC-2022-218

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/django-navbar-client/PYSEC-2022-218.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2022-218
Aliases
  • CVE-2022-32996
Published
2022-06-24T21:15:00Z
Modified
2023-11-08T04:09:38.313951Z
Summary
[none]
Details

The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

References

Affected packages

PyPI / django-navbar-client

Package

Name
django-navbar-client
View open source insights on deps.dev
Purl
pkg:pypi/django-navbar-client

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0.9.50
Fixed
1.0.2

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/django-navbar-client/PYSEC-2022-218.yaml"