Headline
CVE-2022-32997: code execution backdoor · Issue #206 · miranov25/RootInteractive
The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
We found a malicious backdoor in versions 0.0.5~0.0.19b0 of this project, and its malicious backdoor is the request package. Even if the request package was removed by pypi, many mirror sites did not completely delete this package, so it could still be installed.When using pip install RootInteractive==0.0.5 -i http://pypi.doubanio.com/simple --trusted-host pypi.doubanio.com, the request malicious plugin can be successfully installed.
Repair suggestion: delete version 0.0.5~0.0.19b0 in PyPI