CVE-2022-34061 – catly-translate

Package

Manager: pip
Name: catly-translate
Vulnerable Version: =0.0.3 || =0.0.4 || =0.0.5 || >=0.0.3 <0.0.6

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:H/RL:U/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00696 pctl0.70987

Details

The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Metadata

Created: 2022-06-24T21:15:00Z
Modified: 2023-11-08T04:09:41.429707Z
Source: https://osv-vulnerabilities
CWE IDs: N/A
Alternative ID: N/A
Finding: F422
Auto approve: 1