GHSA-6978-4w92-428p

Source

https://github.com/advisories/GHSA-6978-4w92-428p

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/06/GHSA-6978-4w92-428p/GHSA-6978-4w92-428p.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-6978-4w92-428p

Aliases

CVE-2022-31313
PYSEC-2022-43071

Published

2022-06-09T00:00:16Z

Modified

2024-12-02T05:39:28.628766Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Backdoor in api-res-py

Details

api-res-py package in PyPI 0.1 is vulnerable to a code execution backdoor in the request package.

Database specific

{
    "nvd_published_at": "2022-06-08T20:15:00Z",
    "severity": "CRITICAL",
    "github_reviewed": true,
    "cwe_ids": [],
    "github_reviewed_at": "2022-06-17T21:51:19Z"
}

References

Affected packages

PyPI / api-res-py

Package

Name: api-res-py; View open source insights on deps.dev
Purl: pkg:pypi/api-res-py

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

0.1

Affected versions

0.*

0.1