GCVE - cpe:2.3:a:democritus:d8s-urls:0.1.0:*:*:*:*:python:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:democritus:d8s-urls:0.1.0:*:*:*:*:python:*:*

part: a version: 0.1.0 update: *

Vendor	Democritus (`00ae4579-f34d-54d2-8d96-8972c635c465`)
Product	D8S Urls (`80c5777d-68bd-5f53-93c4-628f89e29c9f`)
Edition	*
Language	*
Software edition	*
Target software	python
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/democritus-project/d8s-urls`	purl2cpe	2026-06-01 10:11:36.011783
`pkg:pypi/d8s-urls`	purl2cpe	2026-06-01 10:11:36.011785

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-44048`	vulnerable	2026-06-03 14:48:16.917721	Details available The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-domains package. The affected version of d8s-htm is 0.1.0. Published: 2022-11-07T00:00:00.000Z Updated: 2025-05-05T18:17:24.786Z Open on db.gcve.eu Reference links https://pypi.org/project/d8s-urls/ https://pypi.org/project/democritus-domains/ https://github.com/dadadadada111/info/issues/12	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-42036`	vulnerable	2026-06-03 14:48:12.042900	Details available The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0. Published: 2022-10-11T00:00:00.000Z Updated: 2024-08-03T12:56:39.237Z Open on db.gcve.eu Reference links https://pypi.org/project/d8s-urls/ https://pypi.org/project/democritus-csv/ https://github.com/democritus-project/d8s-urls/issues/12	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.