Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-007422
sonatype-2025-007422
Bootstrap scripts - Inclusion of Functionality from Untrusted Control Sphere
Published Dec 4, 2025
https://www.reversinglabs.com/blog/bootstrap-script-exposes-pypi-to-domain-takeover-attack
CVSS Score
High
7.5
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
pypi
AccessControl
2.13.14
pypi
AccessControl
3.0.11
pypi
Acquisition
2.13.5
pypi
Acquisition
2.13.6
pypi
Acquisition
2.13.7
pypi
Acquisition
2.13.8
pypi
Acquisition
4.0.1
pypi
Acquisition
4.0
pypi
Acquisition
4.0a1
pypi
BTrees
4.0.6
pypi
BTrees
4.0.7
pypi
BTrees
4.0.8
pypi
CodeSkel
1.11
pypi
CodeSkel
1.12
pypi
CodeSkel
1.13
pypi
CodeSkel
1.14.1
pypi
CodeSkel
1.14
pypi
CodeSkel
2.0
pypi
CodeSkel
2.1.1
pypi
CodeSkel
2.1
pypi
CodeSkel
2.2
pypi
CodeSkel
3.0
pypi
CodeSkel
3.1
pypi
CodeSkel
3.2
pypi
CodeSkel
4.0.10
pypi
CodeSkel
4.0.11
pypi
CodeSkel
4.0.12
pypi
CodeSkel
4.0.13
pypi
CodeSkel
4.0.14
pypi
CodeSkel
4.0.1
pypi
CodeSkel
4.0.2
pypi
CodeSkel
4.0.3
pypi
CodeSkel
4.0.4
pypi
CodeSkel
4.0.5
pypi
CodeSkel
4.0.6
pypi
CodeSkel
4.0.9
pypi
CodeSkel
4.0
pypi
DateTime
4.0
pypi
Euphorie
3.0.1
pypi
Euphorie
3.0
pypi
Euphorie
3.1.1
pypi
Euphorie
3.1
pypi
Euphorie
3.2.1
pypi
Euphorie
3.2.2
pypi
Euphorie
3.2.3
pypi
Euphorie
3.2
pypi
Euphorie
4.0.1
pypi
Euphorie
4.0.2
pypi
Euphorie
4.1
pypi
ExtensionClass
4.1b1
1-50 of 2,820
sonatype-2025-007422 | Components Impacted | Sonatype Guide | Sonatype Guide
