{"id":"PYSEC-2022-242","details":"The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.","aliases":["CVE-2022-34981"],"modified":"2023-11-08T04:09:49.683129Z","published":"2022-07-22T15:15:00Z","references":[{"type":"REPORT","url":"https://github.com/UPB-SS1/PyCrowdTangle/issues/1"},{"type":"PACKAGE","url":"https://pypi.org/project/PyCrowdTangle/"},{"type":"WEB","url":"http://pypi.doubanio.com/simple/request"}],"affected":[{"package":{"name":"pycrowdtangle","ecosystem":"PyPI","purl":"pkg:pypi/pycrowdtangle"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0.0.1"},{"fixed":"0.0.3"}]}],"versions":["0.0.1","0.0.2"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/pycrowdtangle/PYSEC-2022-242.yaml"}}],"schema_version":"1.7.3"}