Malicious Package Affecting democritus-grammars package, versions [0,]
Threat Intelligence
Exploit Maturity
Snyk has a published code exploit for this vulnerability.
Mature
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-PYTHON-DEMOCRITUSGRAMMARS-8400827
- published24 Nov 2024
- disclosed7 Nov 2022
- creditUnknown
Introduced: 7 Nov 2022
Malicious CVE NOT AVAILABLE CWE-506 (opens in a new tab)Common Weakness Enumeration (CWE) is a category system for software weaknesses
How to fix?
Avoid using all malicious instances of the democritus-grammars package.
Overview
democritus-grammars is a malicious package. This package is used for dependency confusion attempts and contains malicious code.
The package now exists as a placeholder on PyPI.