The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
References
Link Resource
http://pypi.doubanio.com/simple/request Not Applicable
https://github.com/togglee/togglee-python/issues/2 Exploit Issue Tracking Third Party Advisory
https://pypi.org/project/togglee/ Product Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-06-24T20:39:53

Updated: 2022-06-24T20:39:53

Reserved: 2022-06-20T00:00:00


Link: CVE-2022-34060

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-06-24T21:15:08.733

Modified: 2022-07-06T19:31:09.503


Link: CVE-2022-34060

JSON object: View

cve-icon Redhat Information

No data.