{"id":"CVE-2022-38792","details":"The exotel (aka exotel-py) package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party.","aliases":["GHSA-cv6j-9835-p7fh","PYSEC-2022-43134"],"modified":"2026-04-12T05:05:54.287482Z","published":"2022-08-27T20:15:08.337Z","references":[{"type":"ADVISORY","url":"https://inspector.pypi.io/project/exotel/0.1.6/packages/8b/ed/9ebeb34d4adb9b01151d73ccfde9c1cb2d629c3b146953c8727559a65446/exotel-0.1.6.tar.gz/exotel-0.1.6/setup.py"},{"type":"REPORT","url":"https://github.com/sarathsp06/exotel-py/issues/10"},{"type":"FIX","url":"https://github.com/jertel/elastalert2/pull/931"},{"type":"PACKAGE","url":"https://pypi.org/project/exotel/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jertel/elastalert2","events":[{"introduced":"0"},{"last_affected":"fd7196cb559e2bbd276aa811c0648d6fb9504c5e"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:exotel_project:exotel:0.1.6:*:*:*:*:python:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"0.1.6"}]}}],"versions":["remove","v0.0.19","v0.0.20","v0.0.21","v0.0.22","v0.0.23","v0.0.24","v0.0.25","v0.0.26","v0.0.27","v0.0.28","v0.0.29","v0.0.30","v0.0.31","v0.0.32","v0.0.33","v0.0.34","v0.0.35","v0.0.36","v0.0.37","v0.0.38","v0.0.39","v0.0.40","v0.0.41","v0.0.43","v0.0.44","v0.0.45","v0.0.46","v0.0.47","v0.0.48","v0.0.49","v0.0.50","v0.0.51","v0.0.52","v0.0.53","v0.0.54","v0.0.55","v0.0.56","v0.0.57","v0.0.58","v0.0.59","v0.0.60","v0.0.61","v0.0.62","v0.0.63","v0.0.64","v0.0.65","v0.0.66","v0.0.67","v0.0.68","v0.0.69","v0.0.70","v0.0.71","v0.0.72","v0.0.73","v0.0.74","v0.0.75","v0.0.76","v0.0.77","v0.0.78","v0.0.79","v0.0.80","v0.0.81","v0.0.82","v0.0.83","v0.0.84","v0.0.85","v0.0.86","v0.0.87","v0.0.88","v0.0.89","v0.0.90","v0.0.91","v0.0.92","v0.0.93","v0.0.94","v0.0.95","v0.0.96","v0.0.97","v0.0.98","v0.0.99","v0.1.0","v0.1.1","v0.1.2","v0.1.3","v0.1.4","v0.1.5","v0.1.6"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38792.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}