CVE-2022-33003

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
7.5
HIGH
Affected
2
PROJECTS

Description

The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

watools
watools
Python module for retrieval of hydrologic, atmospheric, and remote sensing data used for Water Accounting.
Python Package IndexPython Package Index
wateraccounting/watools
wateraccounting/watools
Water Accounting plus (WA+) toolbox (Python2)
GitHubGitHub
7