CVE-2023-31543

Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 30/06/2023 Updated: 10/07/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows malicious users to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pipreqs project pipreqs

CWE-427 https://github.com/bndr/pipreqs/pull/364 https://gist.github.com/adeadfed/ccc834440af354a5638f889bee34bafe https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-31543

Vulnerability Summary

References

Vulmon Search

About

Products

Connect