Open tstromberg opened 1 week ago
/home/t/packages/x86_64/google-cloud-sdk-469.0/usr/share/google-cloud-sdk/lib/third_party/ml_sdk/pkg/setup.py [🚨 CRITICAL] ------------------------------------------------------------------------------------------------------ RISK KEY DESCRIPTION EVIDENCE ------------------------------------------------------------------------------------------------------ CRIT combo/backdoor/py_setuptools Python library installer that evaluates arbitrary code exec(f ------------------------------------------------------------------------------------------------------ /home/t/packages/x86_64/google-cloud-sdk-469.0/usr/share/google-cloud-sdk/platform/gsutil/third_party/google-auth-library-python/setup.py [🚨 CRITI CAL] ------------------------------------------------------------------------------------------------------ RISK KEY DESCRIPTION EVIDENCE ------------------------------------------------------------------------------------------------------ CRIT combo/backdoor/py_setuptools Python library installer that evaluates arbitrary code exec(fp ------------------------------------------------------------------------------------------------------ /home/t/packages/x86_64/google-cloud-sdk-469.0/usr/share/google-cloud-sdk/platform/gsutil/third_party/idna/setup.py [🚨 CRITICAL] ------------------------------------------------------------------------------------------------------- RISK KEY DESCRIPTION EVIDENCE ------------------------------------------------------------------------------------------------------- CRIT combo/backdoor/py_setuptools Python library installer that evaluates arbitrary code exec(open ------------------------------------------------------------------------------------------------------- /home/t/packages/x86_64/google-cloud-sdk-469.0/usr/share/google-cloud-sdk/platform/gsutil/third_party/pyparsing/examples/sparser.py [🚨 CRITICAL] ----------------------------------------------------------------------------------- RISK KEY DESCRIPTION EVIDENCE ----------------------------------------------------------------------------------- CRIT combo/backdoor/remote_eval Executes code from encrypted content dict.get( exec( ----------------------------------------------------------------------------------- /home/t/packages/x86_64/google-cloud-sdk-469.0/usr/share/google-cloud-sdk/platform/gsutil/third_party/requests/setup.py [🚨 CRITICAL] ------------------------------------------------------------------------------------------------------ RISK KEY DESCRIPTION EVIDENCE ------------------------------------------------------------------------------------------------------ CRIT combo/backdoor/py_setuptools Python library installer that evaluates arbitrary code exec(f ------------------------------------------------------------------------------------------------------
Still there in v0.13.2