The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party.
NVD-CWE-noinfo
CVE-2022-35000
JPEGDEC commit be4843c was discovered to contain a segmentation fault via fseek at /libio/fseek.c.
CVE-2022-35002
JPEGDEC commit be4843c was discovered to contain a segmentation fault via TIFFSHORT at /src/jpeg.inl.
CVE-2022-35004
JPEGDEC commit be4843c was discovered to contain a FPE via TIFFSHORT at /src/jpeg.inl.
CVE-2022-35014
Advancecomp v2.3 contains a segmentation fault.
CVE-2022-35018
Advancecomp v2.3 was discovered to contain a segmentation fault.