Top issues
Detected presence of severe vulnerabilities with active exploitation.
Causes risk: actively exploited vulnerabilities
vulnerabilities
Problem
Software composition analysis has identified a component with one or more known severe vulnerabilities. Available threat intelligence telemetry has confirmed that the reported high or critical severity vulnerabilities are actively being exploited by malicious actors.Prevalence in PyPI community
38 packages
found in
Top 100
303 packages
found in
Top 1k
2611 packages
found in
Top 10k
103184 packages
in community
Next steps
We strongly advise updating the component to the latest version.
If the update can't resolve the issue, create a plan to isolate or replace the affected component.
Detected presence of high severity vulnerabilities.
Causes risk: high severity vulnerabilities
vulnerabilities
Problem
Software composition analysis has identified a component with one or more known vulnerabilities. Based on the CVSS scoring, these vulnerabilities have been marked as high severity.Prevalence in PyPI community
50 packages
found in
Top 100
352 packages
found in
Top 1k
2858 packages
found in
Top 10k
108771 packages
in community
Next steps
Perform impact analysis for the reported CVEs.
Update the component to the latest version.
If the update can't resolve the issue, create a plan to isolate or replace the affected component.
Detected presence of medium severity vulnerabilities.
Causes risk: medium severity vulnerabilities
vulnerabilities
Problem
Software composition analysis has identified a component with one or more known vulnerabilities. Based on the CVSS scoring, these vulnerabilities have been marked as medium severity.Prevalence in PyPI community
48 packages
found in
Top 100
311 packages
found in
Top 1k
2806 packages
found in
Top 10k
142146 packages
in community
Next steps
Perform impact analysis for the reported CVEs.
Update the component to the latest version.
If the update can't resolve the issue, create a plan to isolate or replace the affected component.
Problem
Operating systems allow multiple user accounts to coexist on a single computer system. Each registered user has identity information associated with their account. At the very least, user accounts consist of a user name and an optional password. In some cases, user account data may also include personally identifiable information. Extended personal information may include user's given and last name, their email and mailing address, personal photo and their telephone number. Financially motivated attackers may seek to collect personal information for purposes of selling the private data to a third-party. Malicious code that typically exhibits these behavior traits is commonly referred to as an information stealer. While the presence of code that accesses identity information does not necessarily imply malicious intent, all of its uses in a software package should be documented and approved. Accessing identity information is a very common behavior for software packages. One example of acceptable use for such functions is verifying that the active user has purchased a software license that allows them to run the application.Prevalence in PyPI community
14 packages
found in
Top 100
94 packages
found in
Top 1k
529 packages
found in
Top 10k
17318 packages
in community
Next steps
Investigate reported detections as indicators of software tampering.
Consult Mitre ATT&CK documentation: T1033 - System Owner/User Discovery.
Top behaviors
Modifies file/directory permissions.
permissions
Prevalence in PyPI community
Behavior often found in this community (Common)
34 packages
found in
Top 100
185 packages
found in
Top 1k
1062 packages
found in
Top 10k
25867 packages
in community
Changes file ownership.
file
Prevalence in PyPI community
Behavior often found in this community (Common)
17 packages
found in
Top 100
54 packages
found in
Top 1k
426 packages
found in
Top 10k
8152 packages
in community
Queries the passwd database entry for a given user name.
steal
Prevalence in PyPI community
Behavior often found in this community (Common)
10 packages
found in
Top 100
50 packages
found in
Top 1k
265 packages
found in
Top 10k
5875 packages
in community
Contains URLs that link to interesting file formats.
network
Prevalence in PyPI community
Behavior often found in this community (Common)
75 packages
found in
Top 100
451 packages
found in
Top 1k
3488 packages
found in
Top 10k
109392 packages
in community
Checks file permissions.
file
Prevalence in PyPI community
Behavior often found in this community (Common)
10 packages
found in
Top 100
40 packages
found in
Top 1k
209 packages
found in
Top 10k
6090 packages
in community
Top vulnerabilities
Vulnerability Exploitation Lifecycle
(3 Active Vulnerabilities)
1 (1 Fixable)
CVE-2021-20270h
2 (2 Fixable)
CVE-2021-27291h
CVE-2022-40896m
None
None
Exploits Unknown
Exploits Exist
Exploited by Malware
Patching Mandated