GSD-2022-1002521
Vulnerability from gsd


To clipboard 

{
  "GSD": {
    "affected_component": "ctx",
    "attack_vector": "malicious package update",
    "credit": "",
    "description": "In PyPI ctx version 0.1.2-1, 0.1.2-2, 0.1.4, 0.2, 0.2.1, 0.2.2, 0.2.2.1, 0.2.3, 0.2.4, 0.2.5, 0.2.6 a backdoor exists in the ctx package that can be attacked via a malicious package update resulting in credential theft from environment variables",
    "impact": "credential theft",
    "notes": "",
    "product_name": "ctx",
    "product_version": "0.1.2-1, 0.1.2-2, 0.1.4, 0.2, 0.2.1, 0.2.2, 0.2.2.1, 0.2.3, 0.2.4, 0.2.5, 0.2.6",
    "references": [
      "https://isc.sans.edu/diary/28678",
      "https://github.com/github/advisory-database/issues/325",
      "https://python-security.readthedocs.io/pypi-vuln/index-2022-05-24-ctx-domain-takeover.html",
      "https://github.com/pypa/advisory-database/blob/main/vulns/ctx/PYSEC-2022-199.yaml"
    ],
    "reporter": "joshbressers",
    "reporter_id": 1692786,
    "vendor_name": "PyPI",
    "vulnerability_type": "backdoor"
  },
  "OSV": {
    "affected": [
      {
        "package": {
          "ecosystem": "GSD",
          "name": "ctx"
        },
        "versions": [
          "0.1.2-1",
          "0.1.2-2",
          "0.1.4",
          "0.2",
          "0.2.1",
          "0.2.2",
          "0.2.2.1",
          "0.2.3",
          "0.2.4",
          "0.2.5",
          "0.2.6"
        ]
      }
    ],
    "details": "In PyPI ctx version 0.1.2-1, 0.1.2-2, 0.1.4, 0.2, 0.2.1, 0.2.2, 0.2.2.1, 0.2.3, 0.2.4, 0.2.5, 0.2.6 a backdoor exists in the ctx package that can be attacked via a malicious package update resulting in credential theft from environment variables",
    "id": "GSD-2022-1002521",
    "modified": "2022-05-24T16:49:59.126662Z",
    "published": "2022-05-24T16:49:59.126662Z",
    "references": [
      {
        "type": "WEB",
        "url": "https://isc.sans.edu/diary/28678"
      },
      {
        "type": "WEB",
        "url": "https://blog.sonatype.com/pypi-package-ctx-compromised-are-you-at-risk"
      },
      {
        "type": "WEB",
        "url": "https://github.com/github/advisory-database/issues/325"
      },
      {
        "type": "ARTICLE",
        "url": "https://python-security.readthedocs.io/pypi-vuln/index-2022-05-24-ctx-domain-takeover.html"
      },
      {
        "type": "ADVISORY",
        "url": "https://github.com/pypa/advisory-database/blob/main/vulns/ctx/PYSEC-2022-199.yaml"
      }
    ],
    "summary": "backdoor in ctx version 0.1.2-1, 0.1.2-2, 0.1.4, 0.2, 0.2.1, 0.2.2, 0.2.2.1, 0.2.3, 0.2.4, 0.2.5, 0.2.6"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.