code execution backdoor

We discovered a potential code execution backdoor in version 0.1.0 of the project, the backdoor is the democritus-urls package. Attackers can upload democritus-urls packages containing arbitrary malicious code. For the safety of this project, the democritus-urls package has been uploaded by us.

![image](https://user-images.githubusercontent.com/58363074/191703814-d1341153-488a-4699-8e41-1c50f298d284.png)

The democritus-urls package can be successfully installed using `pip install d8s-html==0.1.0`

![image](https://user-images.githubusercontent.com/58363074/191704492-eb3ad1bb-5a12-47cf-9222-1cda64e8ba3b.png)

Suggestion: remove version 0.1.0 of this project in PyPI

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

code execution backdoor #12

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

code execution backdoor #12

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions