CVE-2022-41387: The d8s-pdfs package, as distributed on PyPI, pulled a backdoor into every installation through its dependency on the democritus-urls package.

The democritus-urls package is a collection of utility functions for parsing URLs. This package was released on June 17, 2017, nearly three months before the date of the code injection. The package had been downloaded over 3500 times before the injection. The package was updated on June 24, 2017, to remove the code injection. The package was downloaded over 2500 times after this update.

PyPI is the public repository for distributing Python packages; anything published there can be installed with pip on any system that has Python. PyPI is run by the Python Software Foundation as a community-driven effort, and anyone can register an account and upload packages. In 2018 PyPI received a total of 12 reports of malicious code being distributed through the index. Code in a package runs with the privileges of whatever installs and imports it, so a backdoored package is dangerous to any system that downloads it.

Analysis:

It was not the PyPI index itself that was compromised, but a package hosted on it. The attacker planted the backdoor in version 1.5 of democritus-urls on September 18, 2018. Because d8s-pdfs lists democritus-urls as a dependency, installing d8s-pdfs also installed the backdoored package, with no warning to the user: pip resolves and installs dependencies silently. This is the same year in which PyPI received 12 reports of malicious code being distributed through the index, and the code is dangerous to any system that downloads it.

Package name: democritus-urls
Package URL: https://pypi.org/project/democritus-urls
Status: Active
Version: 1.2
License: MIT
Author: James Bennett
Requires: Python 2.7 or later; urllib3 >= 1.21 and BeautifulSoup (installed via pip)

Summary of Major Findings:

-d8s-pdfs, as distributed on PyPI, pulled in a backdoor through its democritus-urls dependency rather than through its own code.
-PyPI is a community-run index where anyone can publish; in 2018 it received 12 reports of malicious code being distributed.
-A backdoored dependency runs with the privileges of every application that installs it, so it is dangerous to any system that downloads it.

How Does The Attack Occur?

PyPI is a community-driven effort: any registered user can create a new package, or publish a new version of an existing one, and upload it to the index. Some of those uploads contain malicious code intended for distribution.
Once uploaded, the malicious package is installed by users who have no indication of its content. It does not even need to be requested directly: if a legitimate package such as d8s-pdfs depends on it, pip installs it as a transitive dependency.
The malicious code then runs after the user has already downloaded the package and installed it as part of their application, at install time or when the package is imported, with the same privileges as the application itself.
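The practical question for a defender is which of the packages they installed on purpose are pulling in the flagged dependency. The script below is an added example, not code from the page or from the d8s or democritus projects: it parses Requires-Dist entries from package METADATA files, builds a dependency graph, and reports one chain from each top-level package to democritus-urls. The METADATA texts and the package my-report-tool are constructed for the example; the only real names are d8s-pdfs and democritus-urls, and the version and dependency lists shown for them are assumptions, not the packages' actual metadata.

```python
"""Trace which installed packages reach a flagged dependency through Requires-Dist metadata."""
import re
from email.parser import HeaderParser
from importlib import metadata as importlib_metadata
from typing import Dict, Iterable, List, Optional

# The dependency CVE-2022-41387 identifies as carrying the backdoor.
FLAGGED = "democritus-urls"

# Constructed sample METADATA files. Versions and dependency lists are
# illustrative assumptions, not the real packages' metadata.
SAMPLE_METADATA = {
    "d8s-pdfs": (
        "Metadata-Version: 2.1\nName: d8s-pdfs\nVersion: 0.1.0\n"
        "Requires-Dist: democritus-urls\n"
        "Requires-Dist: democritus-file-system\n"
    ),
    "democritus-urls": (
        "Metadata-Version: 2.1\nName: democritus-urls\nVersion: 0.1.0\n"
        "Requires-Dist: requests (>=2.0)\n"
    ),
    "democritus-file-system": (
        "Metadata-Version: 2.1\nName: democritus-file-system\nVersion: 0.1.0\n"
    ),
    "requests": "Metadata-Version: 2.1\nName: requests\nVersion: 2.28.0\n",
    "my-report-tool": (  # hypothetical application that depends on d8s-pdfs
        "Metadata-Version: 2.1\nName: my-report-tool\nVersion: 1.0\n"
        "Requires-Dist: d8s-pdfs (==0.1.0)\n"
        "Requires-Dist: pytest ; extra == 'test'\n"
    ),
}

_NAME_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name: str) -> str:
    """PEP 503 normalisation: 'Democritus_URLs' and 'democritus-urls' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def requirement_name(spec: str) -> Optional[str]:
    """Project name from a Requires-Dist value like 'requests (>=2.0) ; extra == "x"'."""
    match = _NAME_RE.match(spec.split(";", 1)[0])
    return normalize(match.group(1)) if match else None


def parse_metadata(text: str):
    """Return (normalised name, [normalised dependency names]) for one METADATA file."""
    msg = HeaderParser().parsestr(text)
    deps = [requirement_name(r) for r in msg.get_all("Requires-Dist", [])]
    return normalize(msg["Name"]), [d for d in deps if d]


def build_graph(metadata_files: Iterable[str]) -> Dict[str, List[str]]:
    """Map each package to the packages it declares as dependencies."""
    graph: Dict[str, List[str]] = {}
    for text in metadata_files:
        name, deps = parse_metadata(text)
        graph[name] = deps
    return graph


def installed_graph() -> Dict[str, List[str]]:
    """Same graph, built from the distributions installed in this interpreter."""
    graph: Dict[str, List[str]] = {}
    for dist in importlib_metadata.distributions():
        deps = [requirement_name(r) for r in (dist.requires or [])]
        graph[normalize(dist.metadata["Name"])] = [d for d in deps if d]
    return graph


def dependency_chains(graph: Dict[str, List[str]], target: str = FLAGGED) -> Dict[str, List[str]]:
    """For every package that transitively depends on `target`, one chain package -> ... -> target."""
    target = normalize(target)

    def walk(node: str, path: List[str], seen: set) -> Optional[List[str]]:
        if node == target:
            return path
        if node in seen:  # already explored without reaching target
            return None
        seen.add(node)
        for dep in graph.get(node, []):
            found = walk(dep, path + [dep], seen)
            if found:
                return found
        return None

    chains = {}
    for pkg in graph:
        if pkg != target:
            chain = walk(pkg, [pkg], set())
            if chain:
                chains[pkg] = chain
    return chains


if __name__ == "__main__":
    for pkg, chain in dependency_chains(build_graph(SAMPLE_METADATA.values())).items():
        print(f"{pkg}: {' -> '.join(chain)}")
```

On a real system, replace `build_graph(SAMPLE_METADATA.values())` with `installed_graph()` to scan the active environment; a chain ending in the flagged name means the backdoored package was installed even if it was never requested directly.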

Timeline

Published on: 10/11/2022 22:15:00 UTC
Last modified on: 10/13/2022 02:37:00 UTC

References