CVE-2022-32998

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
7.5
HIGH
Affected
2
PROJECTS

Description

The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

cryptoasset-data-downloader
cryptoasset-data-downloader
A desktop application to download historical data of desired crypto assets by connecting several different crypto-exchanges' API
Python Package IndexPython Package Index
serhatci/cryptocurrency-historical-data-downloader
serhatci/cryptocurrency-historical-data-downloader
A desktop application to download historical data of desired crypto assets by connecting several different crypto-exchanges' API
GitHubGitHub
16