{"id":"PYSEC-2022-221","details":"The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.","aliases":["CVE-2022-34061"],"modified":"2023-11-08T04:09:41.429707Z","published":"2022-06-24T21:15:00Z","references":[{"type":"REPORT","url":"https://github.com/CatNeverCodes/catly_translate/issues/1"},{"type":"WEB","url":"http://pypi.doubanio.com/simple/request"},{"type":"PACKAGE","url":"https://pypi.org/project/catly-translate/"}],"affected":[{"package":{"name":"catly-translate","ecosystem":"PyPI","purl":"pkg:pypi/catly-translate"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0.0.3"},{"fixed":"0.0.6"}]}],"versions":["0.0.3","0.0.4","0.0.5"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/catly-translate/PYSEC-2022-221.yaml"}}],"schema_version":"1.7.3"}