Lucene search

MitreCVELIST:CVE-2022-34059

HistoryJun 24, 2022 - 8:39 p.m.

CVE-2022-34059

2022-06-2420:39:52

mitre

www.cve.org

sixfab-tool

pypi

code execution

backdoor

request package

vulnerability

sensitive user information

digital currency keys

escalate privileges

AI Score

9.9

Confidence

High

EPSS

0.004

Percentile

74.9%

JSON

The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

References

pypi.doubanio.com/simple/request

github.com/sixfab/setup-and-diagnostic-tool/issues/7

pypi.org/project/sixfab-tool/