We found results for “”
WS-2022-0070
Date: February 2, 2022
In the PyPi Humanqueen package there is malicious code that appears to be stealing Discord tokens allowing it to access Discord as that user, additionally it appears to be stealing leveldb files.
Language: Python
Severity Score
Severity Score
Weakness Type (CWE)
Code
CWE-17CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |