We discovered a potential code execution backdoor in version 0.1.0 of the project, the backdoor is the democritus-file-system package. Attackers can upload democritus-file-system packages containing arbitrary malicious code. For the safety of this project, the democritus-file-system package has been uploaded by us.
The democritus-file-system package can be successfully installed using pip install d8s-utility==0.1.0
Suggestion: remove version 0.1.0 of this project in PyPI
We discovered a potential code execution backdoor in version 0.1.0 of the project, the backdoor is the democritus-file-system package. Attackers can upload democritus-file-system packages containing arbitrary malicious code. For the safety of this project, the democritus-file-system package has been uploaded by us.
The democritus-file-system package can be successfully installed using
pip install d8s-utility==0.1.0Suggestion: remove version 0.1.0 of this project in PyPI