CVE-2022-38792
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in pypi/exotel
Identifiers
GHSA-cv6j-9835-p7fh, CVE-2022-38792
Package Slug
pypi/exotel
Vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
The exotel (aka exotel-py) package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party.
Affected Versions
Version 0.1.6
Solution
Unfortunately, there is no solution available yet.
Last Modified
2022-09-22
| source |