CVE Vulnerabilities

CVE-2022-32997

Published: Jun 24, 2022 | Modified: Nov 21, 2024
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Affected Software

Name Vendor Start Version End Version
Rootinteractive Pypi 0.0.5 (including) 0.0.19 (excluding)
Rootinteractive Pypi 0.0.19 (including) 0.0.19 (including)
Rootinteractive Pypi 0.0.19-b0 (including) 0.0.19-b0 (including)

References