{"url":"http://public2.vulnerablecode.io/api/packages/28593?format=json","purl":"pkg:pypi/pycrowdtangle@0.0.1","type":"pypi","namespace":"","name":"pycrowdtangle","version":"0.0.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.0.3","latest_non_vulnerable_version":"0.0.3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36147?format=json","vulnerability_id":"VCID-mgj1-56h8-5bdv","summary":"The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.","references":[{"reference_url":"http://pypi.doubanio.com/simple/request","reference_id":"","reference_type":"","scores":[],"url":"http://pypi.doubanio.com/simple/request"},{"reference_url":"https://github.com/UPB-SS1/PyCrowdTangle/issues/1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/UPB-SS1/PyCrowdTangle/issues/1"},{"reference_url":"https://pypi.org/project/PyCrowdTangle/","reference_id":"","reference_type":"","scores":[],"url":"https://pypi.org/project/PyCrowdTangle/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28595?format=json","purl":"pkg:pypi/pycrowdtangle@0.0.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrowdtangle@0.0.3"}],"aliases":["CVE-2022-34981","PYSEC-2022-242"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mgj1-56h8-5bdv"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrowdtangle@0.0.1"}