Critical severity9.8NVD Advisory· Published Sep 19, 2022· Updated Jun 17, 2026
CVE-2022-40432
CVE-2022-40432
Description
The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- python/d8s-stringsdescription
- Range: =0.1.0
Patches
Vulnerability mechanics
References
3- github.com/democritus-project/d8s-strings/issues/21nvdExploitIssue TrackingThird Party Advisory
- pypi.org/project/d8s-strings/nvdProduct
- pypi.org/project/democritus-hypothesis/nvdProduct
News mentions
0No linked articles in our index yet.