Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2026-AVI-0315
Vulnerability from certfr_avis - Published: 2026-03-18 - Updated: 2026-03-18
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Elastic Application Runtime for VMware Tanzu Platform versions antérieures à 10.3.6 | ||
| VMware | N/A | .NET Core Buildpack versions antérieures à 2.4.86 | ||
| VMware | N/A | Go Buildpack versions antérieures à 1.10.75 | ||
| VMware | Tanzu Platform | Tanzu Data Flow on Tanzu Platform versions antérieures à 2.0.4 | ||
| VMware | Tanzu Platform | Elastic Application Runtime for VMware Tanzu Platform versions antérieures à 6.0.26+LTS-T | ||
| VMware | Tanzu Platform | Extended App Support for Tanzu Platform versions antérieures à 1.0.17 | ||
| VMware | Tanzu Platform | Elastic Application Runtime for VMware Tanzu Platform versions antérieures à 10.2.9+LTS-T | ||
| VMware | N/A | Binary Buildpack versions antérieures à 1.1.61 | ||
| VMware | N/A | VMware Harbor Registry versions antérieures à 2.14.3 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Application Runtime for VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.6",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": ".NET Core Buildpack versions ant\u00e9rieures \u00e0 2.4.86",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Go Buildpack versions ant\u00e9rieures \u00e0 1.10.75",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Data Flow on Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime for VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.26+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Extended App Support for Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.17",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime for VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.9+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Binary Buildpack versions ant\u00e9rieures \u00e0 1.1.61",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Harbor Registry versions ant\u00e9rieures \u00e0 2.14.3",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-61730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-15282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
},
{
"name": "CVE-2026-21637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21637"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-66614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
},
{
"name": "CVE-2026-1965",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1965"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2026-1642",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1642"
},
{
"name": "CVE-2026-27138",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27138"
},
{
"name": "CVE-2025-11468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"name": "CVE-2026-3783",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3783"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2026-23831",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23831"
},
{
"name": "CVE-2026-22701",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22701"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"name": "CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"name": "CVE-2025-13837",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
},
{
"name": "CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"name": "CVE-2026-2006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
},
{
"name": "CVE-2025-55130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55130"
},
{
"name": "CVE-2025-55131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55131"
},
{
"name": "CVE-2026-2005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-59465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59465"
},
{
"name": "CVE-2025-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29923"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2026-1703",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1703"
},
{
"name": "CVE-2026-27142",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27142"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"name": "CVE-2025-12781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12781"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2026-26958",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26958"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2026-25934",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25934"
},
{
"name": "CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-55132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55132"
},
{
"name": "CVE-2026-22702",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22702"
},
{
"name": "CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"name": "CVE-2025-14017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14017"
},
{
"name": "CVE-2026-3805",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3805"
},
{
"name": "CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"name": "CVE-2026-1229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1229"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"name": "CVE-2025-13462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13462"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2026-24117",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24117"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2025-67735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
},
{
"name": "CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-13034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13034"
},
{
"name": "CVE-2025-8869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8869"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-14524",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14524"
},
{
"name": "CVE-2026-2297",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2297"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"name": "CVE-2025-59466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59466"
},
{
"name": "CVE-2026-1299",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1299"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-24358",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24358"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2026-27139",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27139"
},
{
"name": "CVE-2026-24733",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24733"
},
{
"name": "CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"name": "CVE-2026-2003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
},
{
"name": "CVE-2025-15079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15079"
},
{
"name": "CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"name": "CVE-2025-14819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14819"
},
{
"name": "CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"name": "CVE-2025-47909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47909"
},
{
"name": "CVE-2026-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
},
{
"name": "CVE-2026-0672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
},
{
"name": "CVE-2026-24137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24137"
},
{
"name": "CVE-2017-8806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-68119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68119"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-15224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15224"
},
{
"name": "CVE-2026-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
},
{
"name": "CVE-2026-22703",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22703"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2026-3784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3784"
}
],
"initial_release_date": "2026-03-18T00:00:00",
"last_revision_date": "2026-03-18T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0315",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37197",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37197"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37202",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37202"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37200",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37200"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37209",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37209"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37198",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37198"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37208",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37208"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37206",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37206"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37204",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37204"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37203",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37203"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37207",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37207"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37199",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37199"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37210",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37210"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37205",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37205"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37201",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37201"
}
]
}
CVE-2025-8869 (GCVE-0-2025-8869)
Vulnerability from cvelistv5 – Published: 2025-09-24 14:56 – Updated: 2025-11-03 17:45
VLAI
EPSS
Title
Fallback tar extraction in pip doesn't check symbolic links point to extraction directory
Summary
When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706.
Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706.
Note that this is a vulnerability in pip's fallback implementation of tar extraction for Python versions that don't implement PEP 706
and therefore are not secure to all vulnerabilities in the Python 'tarfile' module. If you're using a Python version that implements PEP 706
then pip doesn't use the "vulnerable" fallback code.
Mitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python >=3.9.17, >=3.10.12, >=3.11.4, or >=3.12),
applying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Python Packaging Authority | pip |
Affected:
0 , < 25.3
(python)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T19:47:29.080800Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T19:48:16.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T17:45:31.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pypi.org/project/pip",
"defaultStatus": "unaffected",
"packageName": "pip",
"product": "pip",
"repo": "https://github.com/pypa/pip",
"vendor": "Python Packaging Authority",
"versions": [
{
"lessThan": "25.3",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn\u0027t implement PEP 706.\u003cbr\u003eNote that upgrading pip to a \"fixed\" version for this vulnerability doesn\u0027t fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706.\u003cbr\u003e\u003cbr\u003eNote that this is a vulnerability in pip\u0027s fallback implementation of tar extraction for Python versions that don\u0027t implement PEP 706\u003cbr\u003eand therefore are not secure to all vulnerabilities in the Python \u0027tarfile\u0027 module. If you\u0027re using a Python version that implements PEP 706\u003cbr\u003ethen pip doesn\u0027t use the \"vulnerable\" fallback code.\u003cbr\u003e\u003cbr\u003eMitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python \u0026gt;=3.9.17, \u0026gt;=3.10.12, \u0026gt;=3.11.4, or \u0026gt;=3.12),\u003cbr\u003eapplying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice."
}
],
"value": "When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn\u0027t implement PEP 706.\nNote that upgrading pip to a \"fixed\" version for this vulnerability doesn\u0027t fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706.\n\nNote that this is a vulnerability in pip\u0027s fallback implementation of tar extraction for Python versions that don\u0027t implement PEP 706\nand therefore are not secure to all vulnerabilities in the Python \u0027tarfile\u0027 module. If you\u0027re using a Python version that implements PEP 706\nthen pip doesn\u0027t use the \"vulnerable\" fallback code.\n\nMitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python \u003e=3.9.17, \u003e=3.10.12, \u003e=3.11.4, or \u003e=3.12),\napplying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T14:57:34.790Z",
"orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"shortName": "PSF"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/pypa/pip/pull/13550"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Fallback tar extraction in pip doesn\u0027t check symbolic links point to extraction directory",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"assignerShortName": "PSF",
"cveId": "CVE-2025-8869",
"datePublished": "2025-09-24T14:56:56.027Z",
"dateReserved": "2025-08-11T15:55:10.199Z",
"dateUpdated": "2025-11-03T17:45:31.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0672 (GCVE-0-2026-0672)
Vulnerability from cvelistv5 – Published: 2026-01-20 21:52 – Updated: 2026-03-03 14:43
VLAI
EPSS
Title
Header injection in http.cookies.Morsel
Summary
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
9 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Python Software Foundation | CPython |
Affected:
0 , < 3.10.20
(python)
Affected: 3.11.0 , < 3.11.15 (python) Affected: 3.12.0 , < 3.12.13 (python) Affected: 3.13.0 , < 3.13.12 (python) Affected: 3.14.0 , < 3.14.3 (python) Affected: 3.15.0a1 , < 3.15.0a6 (python) |
Credits
Omar M. Hasan
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T15:40:11.672802Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:14:06.341Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"http.cookies"
],
"product": "CPython",
"repo": "https://github.com/python/cpython",
"vendor": "Python Software Foundation",
"versions": [
{
"lessThan": "3.10.20",
"status": "affected",
"version": "0",
"versionType": "python"
},
{
"lessThan": "3.11.15",
"status": "affected",
"version": "3.11.0",
"versionType": "python"
},
{
"lessThan": "3.12.13",
"status": "affected",
"version": "3.12.0",
"versionType": "python"
},
{
"lessThan": "3.13.12",
"status": "affected",
"version": "3.13.0",
"versionType": "python"
},
{
"lessThan": "3.14.3",
"status": "affected",
"version": "3.14.0",
"versionType": "python"
},
{
"lessThan": "3.15.0a6",
"status": "affected",
"version": "3.15.0a1",
"versionType": "python"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Omar M. Hasan"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters."
}
],
"value": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-93",
"description": "CWE-93",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T14:43:20.490Z",
"orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"shortName": "PSF"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/pull/143920"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/python/cpython/issues/143919"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Header injection in http.cookies.Morsel",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"assignerShortName": "PSF",
"cveId": "CVE-2026-0672",
"datePublished": "2026-01-20T21:52:33.925Z",
"dateReserved": "2026-01-07T17:08:45.326Z",
"dateUpdated": "2026-03-03T14:43:20.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0865 (GCVE-0-2026-0865)
Vulnerability from cvelistv5 – Published: 2026-01-20 21:26 – Updated: 2026-03-03 14:43
VLAI
EPSS
Title
wsgiref.headers.Headers allows header newline injection
Summary
User-controlled header names and values containing newlines can allow injecting HTTP headers.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
15 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Python Software Foundation | CPython |
Affected:
0 , < 3.10.20
(python)
Affected: 3.11.0 , < 3.11.15 (python) Affected: 3.12.0 , < 3.12.13 (python) Affected: 3.13.0 , < 3.13.12 (python) Affected: 3.14.0 , < 3.14.3 (python) Affected: 3.15.0a1 , < 3.15.0a6 (python) |
Credits
Omar M. Hasan
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0865",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T15:40:22.223517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:14:52.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPython",
"vendor": "Python Software Foundation",
"versions": [
{
"lessThan": "3.10.20",
"status": "affected",
"version": "0",
"versionType": "python"
},
{
"lessThan": "3.11.15",
"status": "affected",
"version": "3.11.0",
"versionType": "python"
},
{
"lessThan": "3.12.13",
"status": "affected",
"version": "3.12.0",
"versionType": "python"
},
{
"lessThan": "3.13.12",
"status": "affected",
"version": "3.13.0",
"versionType": "python"
},
{
"lessThan": "3.14.3",
"status": "affected",
"version": "3.14.0",
"versionType": "python"
},
{
"lessThan": "3.15.0a6",
"status": "affected",
"version": "3.15.0a1",
"versionType": "python"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Omar M. Hasan"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "User-controlled header names and values containing newlines can allow injecting HTTP headers."
}
],
"value": "User-controlled header names and values containing newlines can allow injecting HTTP headers."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T14:43:30.596Z",
"orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"shortName": "PSF"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/pull/143917"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/python/cpython/issues/143916"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "wsgiref.headers.Headers allows header newline injection",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"assignerShortName": "PSF",
"cveId": "CVE-2026-0865",
"datePublished": "2026-01-20T21:26:15.274Z",
"dateReserved": "2026-01-12T16:07:56.781Z",
"dateUpdated": "2026-03-03T14:43:30.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1225 (GCVE-0-2026-1225)
Vulnerability from cvelistv5 – Published: 2026-01-22 09:24 – Updated: 2026-01-22 14:14
VLAI
EPSS
Title
Malicious logback.xml configuration file allows instantiation of arbitrary classes
Summary
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file.
The instantiation of a potentially malicious Java class requires that said class is present on the user's class-path. In addition, the attacker must have write access to a
configuration file. However, after successful instantiation, the instance is very likely to be discarded with no further ado.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QOS.CH Sarl | Logback-core |
Affected:
0.9.20 , ≤ 1.5.24
(maven)
Unaffected: 1.5.25 |
Credits
https://www.code-intelligence.com/
Google Fuzz
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1225",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T14:14:09.436515Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T14:14:17.842Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"logback-core",
"logback-classic"
],
"platforms": [
"Java"
],
"product": "Logback-core",
"vendor": "QOS.CH Sarl",
"versions": [
{
"lessThanOrEqual": "1.5.24",
"status": "affected",
"version": "0.9.20",
"versionType": "maven"
},
{
"status": "unaffected",
"version": "1.5.25"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "https://www.code-intelligence.com/"
},
{
"lang": "en",
"type": "finder",
"value": "Google Fuzz"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThe instantiation of a potentially malicious Java class requires that said class is present on the user\u0027s class-path. In addition, the attacker must have write access to a \nconfiguration file. However, after successful instantiation, the instance is very likely to be discarded with no further ado.\u003c/div\u003e"
}
],
"value": "ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file.\n\n\n\n\nThe instantiation of a potentially malicious Java class requires that said class is present on the user\u0027s class-path. In addition, the attacker must have write access to a \nconfiguration file. However, after successful instantiation, the instance is very likely to be discarded with no further ado."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No known exploitation\u003cbr\u003e"
}
],
"value": "No known exploitation"
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Arbitrary code execution on previously compromised system"
}
]
},
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "NOT_DEFINED",
"Safety": "NEGLIGIBLE",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 1.8,
"baseSeverity": "LOW",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/S:N/AU:N/RE:M/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T12:10:39.562Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"url": "https://logback.qos.ch/news.html#1.5.25"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to logback version 1.5.25 or later. \u003cbr\u003e"
}
],
"value": "Update to logback version 1.5.25 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Malicious logback.xml configuration file allows instantiation of arbitrary classes",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-1225",
"datePublished": "2026-01-22T09:24:14.634Z",
"dateReserved": "2026-01-20T12:29:25.357Z",
"dateUpdated": "2026-01-22T14:14:17.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1229 (GCVE-0-2026-1229)
Vulnerability from cvelistv5 – Published: 2026-02-24 07:58 – Updated: 2026-02-24 15:10
VLAI
EPSS
Title
Incorrect calculation in CIRCL secp384r1 CombinedMult
Summary
The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas.
ECDH and ECDSA signing relying on this curve are not affected.
The bug was fixed in v1.6.3 https://github.com/cloudflare/circl/releases/tag/v1.6.3 .
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-682 - Incorrect Calculation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/cloudflare/circl |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cloudflare | CIRCL |
Affected:
CIRCL up to version 1.6.2 , < 1.6.3
(custom)
|
Credits
Guido Vranken
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T15:04:09.395394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T15:10:21.738Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Go"
],
"product": "CIRCL",
"repo": "https://github.com/cloudflare/circl",
"vendor": "Cloudflare",
"versions": [
{
"lessThan": "1.6.3",
"status": "affected",
"version": "CIRCL up to version 1.6.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Guido Vranken"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThe CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas.\u003cbr\u003eECDH and ECDSA signing relying on this curve are not affected.\u003c/p\u003e\u003cp\u003eThe bug was fixed in \u003cstrong\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/cloudflare/circl/releases/tag/v1.6.3\"\u003ev1.6.3\u003c/a\u003e\u003c/strong\u003e.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas.\nECDH and ECDSA signing relying on this curve are not affected.\n\nThe bug was fixed in v1.6.3 https://github.com/cloudflare/circl/releases/tag/v1.6.3 ."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NEGLIGIBLE",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.9,
"baseSeverity": "LOW",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/S:N/AU:Y/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682 Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T07:58:54.406Z",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"url": "https://github.com/cloudflare/circl"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Incorrect calculation in CIRCL secp384r1 CombinedMult",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2026-1229",
"datePublished": "2026-02-24T07:58:54.406Z",
"dateReserved": "2026-01-20T13:09:57.206Z",
"dateUpdated": "2026-02-24T15:10:21.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1299 (GCVE-0-2026-1299)
Vulnerability from cvelistv5 – Published: 2026-01-23 16:27 – Updated: 2026-03-03 14:43
VLAI
EPSS
Title
email BytesGenerator header injection due to unquoted newlines
Summary
The
email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when
serializing an email message allowing for header injection when an email
is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email folding rules, the new behavior will reject the incorrectly folded headers in "BytesGenerator".
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
10 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Python Software Foundation | CPython |
Affected:
0 , < 3.10.20
(python)
Affected: 3.11.0 , < 3.11.15 (python) Affected: 3.12.0 , < 3.12.13 (python) Affected: 3.13.0 , < 3.13.12 (python) Affected: 3.14.0 , < 3.14.3 (python) Affected: 3.15.0a1 , < 3.15.0a6 (python) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1299",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-23T16:55:59.722632Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T16:56:22.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"email"
],
"product": "CPython",
"repo": "https://github.com/python/cpython",
"vendor": "Python Software Foundation",
"versions": [
{
"lessThan": "3.10.20",
"status": "affected",
"version": "0",
"versionType": "python"
},
{
"lessThan": "3.11.15",
"status": "affected",
"version": "3.11.0",
"versionType": "python"
},
{
"lessThan": "3.12.13",
"status": "affected",
"version": "3.12.0",
"versionType": "python"
},
{
"lessThan": "3.13.12",
"status": "affected",
"version": "3.13.0",
"versionType": "python"
},
{
"lessThan": "3.14.3",
"status": "affected",
"version": "3.14.0",
"versionType": "python"
},
{
"lessThan": "3.15.0a6",
"status": "affected",
"version": "3.15.0a1",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The \nemail module, specifically the \"BytesGenerator\" class, didn\u2019t properly quote newlines for email headers when \nserializing an email message allowing for header injection when an email\n is serialized. This is only applicable if using \"LiteralHeader\" writing headers that don\u0027t respect email folding rules, the new behavior will reject the incorrectly folded headers in \"BytesGenerator\"."
}
],
"value": "The \nemail module, specifically the \"BytesGenerator\" class, didn\u2019t properly quote newlines for email headers when \nserializing an email message allowing for header injection when an email\n is serialized. This is only applicable if using \"LiteralHeader\" writing headers that don\u0027t respect email folding rules, the new behavior will reject the incorrectly folded headers in \"BytesGenerator\"."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-93",
"description": "CWE-93",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T14:43:35.655Z",
"orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"shortName": "PSF"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/pull/144126"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/python/cpython/issues/144125"
},
{
"tags": [
"related"
],
"url": "https://cve.org/CVERecord?id=CVE-2024-6923"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/0a925ab591c45d6638f37b5e57796f36fa0e56d8"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/7877fe424415bc4a13045e62a90a7277413d8cb9"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/842ce19a0c0b58d61591e8f6a708c38db1fb94e4"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/8cdf6204f4ae821f32993f8fc6bad0d318f95f36"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/e417f05ad77a4c30ddc07f99e90fc0cef43e831a"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "email BytesGenerator header injection due to unquoted newlines",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"assignerShortName": "PSF",
"cveId": "CVE-2026-1299",
"datePublished": "2026-01-23T16:27:13.346Z",
"dateReserved": "2026-01-21T18:30:52.594Z",
"dateUpdated": "2026-03-03T14:43:35.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1642 (GCVE-0-2026-1642)
Vulnerability from cvelistv5 – Published: 2026-02-04 15:02 – Updated: 2026-02-05 05:25
VLAI
EPSS
Title
NGINX vulnerability
Summary
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-349 - Acceptance of Extraneous Untrusted Data With Trusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://my.f5.com/manage/s/article/K000159824 | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2026/02/05/1 |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| F5 | NGINX Open Source |
Affected:
1.3.0 , < 1.29.5
(semver)
|
|
| F5 | NGINX Plus |
Affected:
R36 , < R36 P2
(custom)
Affected: R35 , < R35 P1 (custom) Affected: R34 , < * (custom) Affected: R33 , < * (custom) Affected: R32 , < R32 P4 (custom) |
Date Public
2026-02-04 15:00
Credits
F5
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1642",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:01:47.913148Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:02:24.781Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-02-05T05:25:39.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/02/05/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NGINX Open Source",
"vendor": "F5",
"versions": [
{
"changes": [
{
"at": "1.28.2",
"status": "unaffected"
}
],
"lessThan": "1.29.5",
"status": "affected",
"version": "1.3.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unknown",
"product": "NGINX Plus",
"vendor": "F5",
"versions": [
{
"lessThan": "R36 P2",
"status": "affected",
"version": "R36",
"versionType": "custom"
},
{
"lessThan": "R35 P1",
"status": "affected",
"version": "R35",
"versionType": "custom"
},
{
"lessThan": "*",
"status": "affected",
"version": "R34",
"versionType": "custom"
},
{
"lessThan": "*",
"status": "affected",
"version": "R33",
"versionType": "custom"
},
{
"lessThan": "R32 P4",
"status": "affected",
"version": "R32",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2026-02-04T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side\u2014along with conditions beyond the attacker\u0027s control\u2014may be able to inject plain text data into the response from an upstream proxied server.\u0026nbsp;\u0026nbsp;\u003c/span\u003e\u003c/span\u003eNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side\u2014along with conditions beyond the attacker\u0027s control\u2014may be able to inject plain text data into the response from an upstream proxied server.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-349",
"description": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T15:02:06.154Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000159824"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "NGINX vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2026-1642",
"datePublished": "2026-02-04T15:02:06.154Z",
"dateReserved": "2026-01-29T18:26:26.996Z",
"dateUpdated": "2026-02-05T05:25:39.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1703 (GCVE-0-2026-1703)
Vulnerability from cvelistv5 – Published: 2026-02-02 14:43 – Updated: 2026-02-02 17:21
VLAI
EPSS
Title
Limited path traversal when installing wheel archives
Summary
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/pypa/pip/pull/13777 | patch |
| https://github.com/pypa/pip/commit/8e227a9be4faa9… | patch |
| https://mail.python.org/archives/list/security-an… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Python Packaging Authority | pip |
Affected:
0 , < 26.0
(python)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1703",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-02T17:21:09.808485Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T17:21:25.369Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pypi.org",
"defaultStatus": "unaffected",
"packageName": "pip",
"product": "pip",
"repo": "https://github.com/pypa/pip",
"vendor": "Python Packaging Authority",
"versions": [
{
"lessThan": "26.0",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn\u0027t able to inject or overwrite executable files in typical situations."
}
],
"value": "When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn\u0027t able to inject or overwrite executable files in typical situations."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 2,
"baseSeverity": "LOW",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T14:45:44.871Z",
"orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"shortName": "PSF"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/pypa/pip/pull/13777"
},
{
"tags": [
"patch"
],
"url": "https://github.com/pypa/pip/commit/8e227a9be4faa9594e05d02ca05a413a2a4e7735"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Limited path traversal when installing wheel archives",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"assignerShortName": "PSF",
"cveId": "CVE-2026-1703",
"datePublished": "2026-02-02T14:43:02.919Z",
"dateReserved": "2026-01-30T15:17:22.133Z",
"dateUpdated": "2026-02-02T17:21:25.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1965 (GCVE-0-2026-1965)
Vulnerability from cvelistv5 – Published: 2026-03-11 10:08 – Updated: 2026-03-11 14:32
VLAI
EPSS
Title
bad reuse of HTTP Negotiate connection
Summary
libcurl can in some circumstances reuse the wrong connection when asked to do
an Negotiate-authenticated HTTP or HTTPS request.
libcurl features a pool of recent connections so that subsequent requests can
reuse an existing connection to avoid overhead.
When reusing a connection a range of criterion must first be met. Due to a
logical error in the code, a request that was issued by an application could
wrongfully reuse an existing connection to the same server that was
authenticated using different credentials. One underlying reason being that
Negotiate sometimes authenticates *connections* and not *requests*, contrary
to how HTTP is designed to work.
An application that allows Negotiate authentication to a server (that responds
wanting Negotiate) with `user1:password1` and then does another operation to
the same server also using Negotiate but with `user2:password2` (while the
previous connection is still alive) - the second request wrongly reused the
same connection and since it then sees that the Negotiate negotiation is
already made, it just sends the request over that connection thinking it uses
the user2 credentials when it is in fact still using the connection
authenticated for user1...
The set of authentication methods to use is set with `CURLOPT_HTTPAUTH`.
Applications can disable libcurl's reuse of connections and thus mitigate this
problem, by using one of the following libcurl options to alter how
connections are or are not reused: `CURLOPT_FRESH_CONNECT`,
`CURLOPT_MAXCONNECTS` and `CURLMOPT_MAX_HOST_CONNECTIONS` (if using the
curl_multi API).
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-305 Authentication Bypass by Primary Weakness
- CWE-305 - Authentication Bypass by Primary Weakness
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| curl | curl |
Affected:
8.18.0 , ≤ 8.18.0
(semver)
Affected: 8.17.0 , ≤ 8.17.0 (semver) Affected: 8.16.0 , ≤ 8.16.0 (semver) Affected: 8.15.0 , ≤ 8.15.0 (semver) Affected: 8.14.1 , ≤ 8.14.1 (semver) Affected: 8.14.0 , ≤ 8.14.0 (semver) Affected: 8.13.0 , ≤ 8.13.0 (semver) Affected: 8.12.1 , ≤ 8.12.1 (semver) Affected: 8.12.0 , ≤ 8.12.0 (semver) Affected: 8.11.1 , ≤ 8.11.1 (semver) Affected: 8.11.0 , ≤ 8.11.0 (semver) Affected: 8.10.1 , ≤ 8.10.1 (semver) Affected: 8.10.0 , ≤ 8.10.0 (semver) Affected: 8.9.1 , ≤ 8.9.1 (semver) Affected: 8.9.0 , ≤ 8.9.0 (semver) Affected: 8.8.0 , ≤ 8.8.0 (semver) Affected: 8.7.1 , ≤ 8.7.1 (semver) Affected: 8.7.0 , ≤ 8.7.0 (semver) Affected: 8.6.0 , ≤ 8.6.0 (semver) Affected: 8.5.0 , ≤ 8.5.0 (semver) Affected: 8.4.0 , ≤ 8.4.0 (semver) Affected: 8.3.0 , ≤ 8.3.0 (semver) Affected: 8.2.1 , ≤ 8.2.1 (semver) Affected: 8.2.0 , ≤ 8.2.0 (semver) Affected: 8.1.2 , ≤ 8.1.2 (semver) Affected: 8.1.1 , ≤ 8.1.1 (semver) Affected: 8.1.0 , ≤ 8.1.0 (semver) Affected: 8.0.1 , ≤ 8.0.1 (semver) Affected: 8.0.0 , ≤ 8.0.0 (semver) Affected: 7.88.1 , ≤ 7.88.1 (semver) Affected: 7.88.0 , ≤ 7.88.0 (semver) Affected: 7.87.0 , ≤ 7.87.0 (semver) Affected: 7.86.0 , ≤ 7.86.0 (semver) Affected: 7.85.0 , ≤ 7.85.0 (semver) Affected: 7.84.0 , ≤ 7.84.0 (semver) Affected: 7.83.1 , ≤ 7.83.1 (semver) Affected: 7.83.0 , ≤ 7.83.0 (semver) Affected: 7.82.0 , ≤ 7.82.0 (semver) Affected: 7.81.0 , ≤ 7.81.0 (semver) Affected: 7.80.0 , ≤ 7.80.0 (semver) Affected: 7.79.1 , ≤ 7.79.1 (semver) Affected: 7.79.0 , ≤ 7.79.0 (semver) Affected: 7.78.0 , ≤ 7.78.0 (semver) Affected: 7.77.0 , ≤ 7.77.0 (semver) Affected: 7.76.1 , ≤ 7.76.1 (semver) Affected: 7.76.0 , ≤ 7.76.0 (semver) Affected: 7.75.0 , ≤ 7.75.0 (semver) Affected: 7.74.0 , ≤ 7.74.0 (semver) Affected: 7.73.0 , ≤ 7.73.0 (semver) Affected: 7.72.0 , ≤ 7.72.0 (semver) Affected: 7.71.1 , ≤ 7.71.1 (semver) Affected: 7.71.0 , ≤ 7.71.0 (semver) Affected: 7.70.0 , ≤ 7.70.0 (semver) Affected: 7.69.1 , ≤ 7.69.1 (semver) Affected: 7.69.0 , ≤ 7.69.0 (semver) Affected: 7.68.0 , ≤ 7.68.0 (semver) Affected: 7.67.0 , ≤ 7.67.0 (semver) Affected: 7.66.0 , ≤ 7.66.0 (semver) Affected: 7.65.3 , ≤ 7.65.3 (semver) Affected: 7.65.2 , ≤ 7.65.2 (semver) Affected: 7.65.1 , ≤ 7.65.1 (semver) Affected: 7.65.0 , ≤ 7.65.0 (semver) Affected: 7.64.1 , ≤ 7.64.1 (semver) Affected: 7.64.0 , ≤ 7.64.0 (semver) Affected: 7.63.0 , ≤ 7.63.0 (semver) Affected: 7.62.0 , ≤ 7.62.0 (semver) Affected: 7.61.1 , ≤ 7.61.1 (semver) Affected: 7.61.0 , ≤ 7.61.0 (semver) Affected: 7.60.0 , ≤ 7.60.0 (semver) Affected: 7.59.0 , ≤ 7.59.0 (semver) Affected: 7.58.0 , ≤ 7.58.0 (semver) Affected: 7.57.0 , ≤ 7.57.0 (semver) Affected: 7.56.1 , ≤ 7.56.1 (semver) Affected: 7.56.0 , ≤ 7.56.0 (semver) Affected: 7.55.1 , ≤ 7.55.1 (semver) Affected: 7.55.0 , ≤ 7.55.0 (semver) Affected: 7.54.1 , ≤ 7.54.1 (semver) Affected: 7.54.0 , ≤ 7.54.0 (semver) Affected: 7.53.1 , ≤ 7.53.1 (semver) Affected: 7.53.0 , ≤ 7.53.0 (semver) Affected: 7.52.1 , ≤ 7.52.1 (semver) Affected: 7.52.0 , ≤ 7.52.0 (semver) Affected: 7.51.0 , ≤ 7.51.0 (semver) Affected: 7.50.3 , ≤ 7.50.3 (semver) Affected: 7.50.2 , ≤ 7.50.2 (semver) Affected: 7.50.1 , ≤ 7.50.1 (semver) Affected: 7.50.0 , ≤ 7.50.0 (semver) Affected: 7.49.1 , ≤ 7.49.1 (semver) Affected: 7.49.0 , ≤ 7.49.0 (semver) Affected: 7.48.0 , ≤ 7.48.0 (semver) Affected: 7.47.1 , ≤ 7.47.1 (semver) Affected: 7.47.0 , ≤ 7.47.0 (semver) Affected: 7.46.0 , ≤ 7.46.0 (semver) Affected: 7.45.0 , ≤ 7.45.0 (semver) Affected: 7.44.0 , ≤ 7.44.0 (semver) Affected: 7.43.0 , ≤ 7.43.0 (semver) Affected: 7.42.1 , ≤ 7.42.1 (semver) Affected: 7.42.0 , ≤ 7.42.0 (semver) Affected: 7.41.0 , ≤ 7.41.0 (semver) Affected: 7.40.0 , ≤ 7.40.0 (semver) Affected: 7.39.0 , ≤ 7.39.0 (semver) Affected: 7.38.0 , ≤ 7.38.0 (semver) Affected: 7.37.1 , ≤ 7.37.1 (semver) Affected: 7.37.0 , ≤ 7.37.0 (semver) Affected: 7.36.0 , ≤ 7.36.0 (semver) Affected: 7.35.0 , ≤ 7.35.0 (semver) Affected: 7.34.0 , ≤ 7.34.0 (semver) Affected: 7.33.0 , ≤ 7.33.0 (semver) Affected: 7.32.0 , ≤ 7.32.0 (semver) Affected: 7.31.0 , ≤ 7.31.0 (semver) Affected: 7.30.0 , ≤ 7.30.0 (semver) Affected: 7.29.0 , ≤ 7.29.0 (semver) Affected: 7.28.1 , ≤ 7.28.1 (semver) Affected: 7.28.0 , ≤ 7.28.0 (semver) Affected: 7.27.0 , ≤ 7.27.0 (semver) Affected: 7.26.0 , ≤ 7.26.0 (semver) Affected: 7.25.0 , ≤ 7.25.0 (semver) Affected: 7.24.0 , ≤ 7.24.0 (semver) Affected: 7.23.1 , ≤ 7.23.1 (semver) Affected: 7.23.0 , ≤ 7.23.0 (semver) Affected: 7.22.0 , ≤ 7.22.0 (semver) Affected: 7.21.7 , ≤ 7.21.7 (semver) Affected: 7.21.6 , ≤ 7.21.6 (semver) Affected: 7.21.5 , ≤ 7.21.5 (semver) Affected: 7.21.4 , ≤ 7.21.4 (semver) Affected: 7.21.3 , ≤ 7.21.3 (semver) Affected: 7.21.2 , ≤ 7.21.2 (semver) Affected: 7.21.1 , ≤ 7.21.1 (semver) Affected: 7.21.0 , ≤ 7.21.0 (semver) Affected: 7.20.1 , ≤ 7.20.1 (semver) Affected: 7.20.0 , ≤ 7.20.0 (semver) Affected: 7.19.7 , ≤ 7.19.7 (semver) Affected: 7.19.6 , ≤ 7.19.6 (semver) Affected: 7.19.5 , ≤ 7.19.5 (semver) Affected: 7.19.4 , ≤ 7.19.4 (semver) Affected: 7.19.3 , ≤ 7.19.3 (semver) Affected: 7.19.2 , ≤ 7.19.2 (semver) Affected: 7.19.1 , ≤ 7.19.1 (semver) Affected: 7.19.0 , ≤ 7.19.0 (semver) Affected: 7.18.2 , ≤ 7.18.2 (semver) Affected: 7.18.1 , ≤ 7.18.1 (semver) Affected: 7.18.0 , ≤ 7.18.0 (semver) Affected: 7.17.1 , ≤ 7.17.1 (semver) Affected: 7.17.0 , ≤ 7.17.0 (semver) Affected: 7.16.4 , ≤ 7.16.4 (semver) Affected: 7.16.3 , ≤ 7.16.3 (semver) Affected: 7.16.2 , ≤ 7.16.2 (semver) Affected: 7.16.1 , ≤ 7.16.1 (semver) Affected: 7.16.0 , ≤ 7.16.0 (semver) Affected: 7.15.5 , ≤ 7.15.5 (semver) Affected: 7.15.4 , ≤ 7.15.4 (semver) Affected: 7.15.3 , ≤ 7.15.3 (semver) Affected: 7.15.2 , ≤ 7.15.2 (semver) Affected: 7.15.1 , ≤ 7.15.1 (semver) Affected: 7.15.0 , ≤ 7.15.0 (semver) Affected: 7.14.1 , ≤ 7.14.1 (semver) Affected: 7.14.0 , ≤ 7.14.0 (semver) Affected: 7.13.2 , ≤ 7.13.2 (semver) Affected: 7.13.1 , ≤ 7.13.1 (semver) Affected: 7.13.0 , ≤ 7.13.0 (semver) Affected: 7.12.3 , ≤ 7.12.3 (semver) Affected: 7.12.2 , ≤ 7.12.2 (semver) Affected: 7.12.1 , ≤ 7.12.1 (semver) Affected: 7.12.0 , ≤ 7.12.0 (semver) Affected: 7.11.2 , ≤ 7.11.2 (semver) Affected: 7.11.1 , ≤ 7.11.1 (semver) Affected: 7.11.0 , ≤ 7.11.0 (semver) Affected: 7.10.8 , ≤ 7.10.8 (semver) Affected: 7.10.7 , ≤ 7.10.7 (semver) Affected: 7.10.6 , ≤ 7.10.6 (semver) |
Credits
Zhicheng Chen
Daniel Stenberg
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-1965",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T14:31:56.061598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305 Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T14:32:38.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "curl",
"vendor": "curl",
"versions": [
{
"lessThanOrEqual": "8.18.0",
"status": "affected",
"version": "8.18.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.17.0",
"status": "affected",
"version": "8.17.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.16.0",
"status": "affected",
"version": "8.16.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.15.0",
"status": "affected",
"version": "8.15.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.14.1",
"status": "affected",
"version": "8.14.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.14.0",
"status": "affected",
"version": "8.14.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0",
"status": "affected",
"version": "8.13.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.1",
"status": "affected",
"version": "8.12.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0",
"status": "affected",
"version": "8.12.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.11.1",
"status": "affected",
"version": "8.11.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.11.0",
"status": "affected",
"version": "8.11.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.1",
"status": "affected",
"version": "8.10.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0",
"status": "affected",
"version": "8.10.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.9.1",
"status": "affected",
"version": "8.9.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.9.0",
"status": "affected",
"version": "8.9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.8.0",
"status": "affected",
"version": "8.8.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.7.1",
"status": "affected",
"version": "8.7.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.7.0",
"status": "affected",
"version": "8.7.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.6.0",
"status": "affected",
"version": "8.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.5.0",
"status": "affected",
"version": "8.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.4.0",
"status": "affected",
"version": "8.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.3.0",
"status": "affected",
"version": "8.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.2.1",
"status": "affected",
"version": "8.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.2.0",
"status": "affected",
"version": "8.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.1.2",
"status": "affected",
"version": "8.1.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.1.1",
"status": "affected",
"version": "8.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.1.0",
"status": "affected",
"version": "8.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.0.1",
"status": "affected",
"version": "8.0.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.0.0",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.88.1",
"status": "affected",
"version": "7.88.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.88.0",
"status": "affected",
"version": "7.88.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.87.0",
"status": "affected",
"version": "7.87.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.86.0",
"status": "affected",
"version": "7.86.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.85.0",
"status": "affected",
"version": "7.85.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.84.0",
"status": "affected",
"version": "7.84.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.83.1",
"status": "affected",
"version": "7.83.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.83.0",
"status": "affected",
"version": "7.83.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.82.0",
"status": "affected",
"version": "7.82.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.81.0",
"status": "affected",
"version": "7.81.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.80.0",
"status": "affected",
"version": "7.80.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.79.1",
"status": "affected",
"version": "7.79.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.79.0",
"status": "affected",
"version": "7.79.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.78.0",
"status": "affected",
"version": "7.78.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.77.0",
"status": "affected",
"version": "7.77.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.76.1",
"status": "affected",
"version": "7.76.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.76.0",
"status": "affected",
"version": "7.76.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.75.0",
"status": "affected",
"version": "7.75.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.74.0",
"status": "affected",
"version": "7.74.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.73.0",
"status": "affected",
"version": "7.73.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.72.0",
"status": "affected",
"version": "7.72.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.71.1",
"status": "affected",
"version": "7.71.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.71.0",
"status": "affected",
"version": "7.71.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.70.0",
"status": "affected",
"version": "7.70.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.69.1",
"status": "affected",
"version": "7.69.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.69.0",
"status": "affected",
"version": "7.69.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.68.0",
"status": "affected",
"version": "7.68.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.67.0",
"status": "affected",
"version": "7.67.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.66.0",
"status": "affected",
"version": "7.66.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.65.3",
"status": "affected",
"version": "7.65.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.65.2",
"status": "affected",
"version": "7.65.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.65.1",
"status": "affected",
"version": "7.65.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.65.0",
"status": "affected",
"version": "7.65.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.64.1",
"status": "affected",
"version": "7.64.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.64.0",
"status": "affected",
"version": "7.64.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.63.0",
"status": "affected",
"version": "7.63.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.62.0",
"status": "affected",
"version": "7.62.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.61.1",
"status": "affected",
"version": "7.61.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.61.0",
"status": "affected",
"version": "7.61.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.60.0",
"status": "affected",
"version": "7.60.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.59.0",
"status": "affected",
"version": "7.59.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.58.0",
"status": "affected",
"version": "7.58.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.57.0",
"status": "affected",
"version": "7.57.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.56.1",
"status": "affected",
"version": "7.56.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.56.0",
"status": "affected",
"version": "7.56.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.55.1",
"status": "affected",
"version": "7.55.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.55.0",
"status": "affected",
"version": "7.55.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.54.1",
"status": "affected",
"version": "7.54.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.54.0",
"status": "affected",
"version": "7.54.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.53.1",
"status": "affected",
"version": "7.53.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.53.0",
"status": "affected",
"version": "7.53.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.52.1",
"status": "affected",
"version": "7.52.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.52.0",
"status": "affected",
"version": "7.52.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.51.0",
"status": "affected",
"version": "7.51.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.50.3",
"status": "affected",
"version": "7.50.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.50.2",
"status": "affected",
"version": "7.50.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.50.1",
"status": "affected",
"version": "7.50.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.50.0",
"status": "affected",
"version": "7.50.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.49.1",
"status": "affected",
"version": "7.49.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.49.0",
"status": "affected",
"version": "7.49.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.48.0",
"status": "affected",
"version": "7.48.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.47.1",
"status": "affected",
"version": "7.47.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.47.0",
"status": "affected",
"version": "7.47.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.46.0",
"status": "affected",
"version": "7.46.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.45.0",
"status": "affected",
"version": "7.45.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.44.0",
"status": "affected",
"version": "7.44.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.43.0",
"status": "affected",
"version": "7.43.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.42.1",
"status": "affected",
"version": "7.42.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.42.0",
"status": "affected",
"version": "7.42.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.41.0",
"status": "affected",
"version": "7.41.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.40.0",
"status": "affected",
"version": "7.40.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.39.0",
"status": "affected",
"version": "7.39.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.38.0",
"status": "affected",
"version": "7.38.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.37.1",
"status": "affected",
"version": "7.37.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.37.0",
"status": "affected",
"version": "7.37.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.36.0",
"status": "affected",
"version": "7.36.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.35.0",
"status": "affected",
"version": "7.35.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.34.0",
"status": "affected",
"version": "7.34.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.33.0",
"status": "affected",
"version": "7.33.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.32.0",
"status": "affected",
"version": "7.32.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.31.0",
"status": "affected",
"version": "7.31.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.30.0",
"status": "affected",
"version": "7.30.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.29.0",
"status": "affected",
"version": "7.29.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.28.1",
"status": "affected",
"version": "7.28.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.28.0",
"status": "affected",
"version": "7.28.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.27.0",
"status": "affected",
"version": "7.27.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.26.0",
"status": "affected",
"version": "7.26.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.25.0",
"status": "affected",
"version": "7.25.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.24.0",
"status": "affected",
"version": "7.24.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.23.1",
"status": "affected",
"version": "7.23.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.23.0",
"status": "affected",
"version": "7.23.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.22.0",
"status": "affected",
"version": "7.22.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.7",
"status": "affected",
"version": "7.21.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.6",
"status": "affected",
"version": "7.21.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.5",
"status": "affected",
"version": "7.21.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.4",
"status": "affected",
"version": "7.21.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.3",
"status": "affected",
"version": "7.21.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.2",
"status": "affected",
"version": "7.21.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.1",
"status": "affected",
"version": "7.21.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.21.0",
"status": "affected",
"version": "7.21.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.20.1",
"status": "affected",
"version": "7.20.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.20.0",
"status": "affected",
"version": "7.20.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.7",
"status": "affected",
"version": "7.19.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.6",
"status": "affected",
"version": "7.19.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.5",
"status": "affected",
"version": "7.19.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.4",
"status": "affected",
"version": "7.19.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.3",
"status": "affected",
"version": "7.19.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.2",
"status": "affected",
"version": "7.19.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.1",
"status": "affected",
"version": "7.19.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.19.0",
"status": "affected",
"version": "7.19.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.18.2",
"status": "affected",
"version": "7.18.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.18.1",
"status": "affected",
"version": "7.18.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.18.0",
"status": "affected",
"version": "7.18.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.17.1",
"status": "affected",
"version": "7.17.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.17.0",
"status": "affected",
"version": "7.17.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.4",
"status": "affected",
"version": "7.16.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.3",
"status": "affected",
"version": "7.16.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.2",
"status": "affected",
"version": "7.16.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.1",
"status": "affected",
"version": "7.16.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.16.0",
"status": "affected",
"version": "7.16.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.5",
"status": "affected",
"version": "7.15.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.4",
"status": "affected",
"version": "7.15.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.3",
"status": "affected",
"version": "7.15.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.2",
"status": "affected",
"version": "7.15.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.1",
"status": "affected",
"version": "7.15.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.15.0",
"status": "affected",
"version": "7.15.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.14.1",
"status": "affected",
"version": "7.14.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.14.0",
"status": "affected",
"version": "7.14.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.13.2",
"status": "affected",
"version": "7.13.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.13.1",
"status": "affected",
"version": "7.13.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.13.0",
"status": "affected",
"version": "7.13.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.12.3",
"status": "affected",
"version": "7.12.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.12.2",
"status": "affected",
"version": "7.12.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.12.1",
"status": "affected",
"version": "7.12.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.12.0",
"status": "affected",
"version": "7.12.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.11.2",
"status": "affected",
"version": "7.11.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.11.1",
"status": "affected",
"version": "7.11.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.11.0",
"status": "affected",
"version": "7.11.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.10.8",
"status": "affected",
"version": "7.10.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.10.7",
"status": "affected",
"version": "7.10.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.10.6",
"status": "affected",
"version": "7.10.6",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Zhicheng Chen"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Daniel Stenberg"
}
],
"descriptions": [
{
"lang": "en",
"value": "libcurl can in some circumstances reuse the wrong connection when asked to do\nan Negotiate-authenticated HTTP or HTTPS request.\n\nlibcurl features a pool of recent connections so that subsequent requests can\nreuse an existing connection to avoid overhead.\n\nWhen reusing a connection a range of criterion must first be met. Due to a\nlogical error in the code, a request that was issued by an application could\nwrongfully reuse an existing connection to the same server that was\nauthenticated using different credentials. One underlying reason being that\nNegotiate sometimes authenticates *connections* and not *requests*, contrary\nto how HTTP is designed to work.\n\nAn application that allows Negotiate authentication to a server (that responds\nwanting Negotiate) with `user1:password1` and then does another operation to\nthe same server also using Negotiate but with `user2:password2` (while the\nprevious connection is still alive) - the second request wrongly reused the\nsame connection and since it then sees that the Negotiate negotiation is\nalready made, it just sends the request over that connection thinking it uses\nthe user2 credentials when it is in fact still using the connection\nauthenticated for user1...\n\nThe set of authentication methods to use is set with `CURLOPT_HTTPAUTH`.\n\nApplications can disable libcurl\u0027s reuse of connections and thus mitigate this\nproblem, by using one of the following libcurl options to alter how\nconnections are or are not reused: `CURLOPT_FRESH_CONNECT`,\n`CURLOPT_MAXCONNECTS` and `CURLMOPT_MAX_HOST_CONNECTIONS` (if using the\ncurl_multi API)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-305 Authentication Bypass by Primary Weakness",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T10:08:52.431Z",
"orgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
"shortName": "curl"
},
"references": [
{
"name": "json",
"url": "https://curl.se/docs/CVE-2026-1965.json"
},
{
"name": "www",
"url": "https://curl.se/docs/CVE-2026-1965.html"
}
],
"title": "bad reuse of HTTP Negotiate connection"
}
},
"cveMetadata": {
"assignerOrgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
"assignerShortName": "curl",
"cveId": "CVE-2026-1965",
"datePublished": "2026-03-11T10:08:52.431Z",
"dateReserved": "2026-02-05T11:00:50.882Z",
"dateUpdated": "2026-03-11T14:32:38.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2003 (GCVE-0-2026-2003)
Vulnerability from cvelistv5 – Published: 2026-02-12 13:00 – Updated: 2026-02-12 14:33
VLAI
EPSS
Title
PostgreSQL oidvector discloses a few bytes of memory
Summary
Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | PostgreSQL |
Affected:
18 , < 18.2
(rpm)
Affected: 17 , < 17.8 (rpm) Affected: 16 , < 16.12 (rpm) Affected: 15 , < 15.16 (rpm) Affected: 0 , < 14.21 (rpm) |
Credits
The PostgreSQL project thanks Altan Birler for reporting this problem.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-12T14:33:29.418479Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T14:33:37.255Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PostgreSQL",
"vendor": "n/a",
"versions": [
{
"lessThan": "18.2",
"status": "affected",
"version": "18",
"versionType": "rpm"
},
{
"lessThan": "17.8",
"status": "affected",
"version": "17",
"versionType": "rpm"
},
{
"lessThan": "16.12",
"status": "affected",
"version": "16",
"versionType": "rpm"
},
{
"lessThan": "15.16",
"status": "affected",
"version": "15",
"versionType": "rpm"
},
{
"lessThan": "14.21",
"status": "affected",
"version": "0",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "The PostgreSQL project thanks Altan Birler for reporting this problem."
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper validation of type \"oidvector\" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T13:00:06.108Z",
"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"shortName": "PostgreSQL"
},
"references": [
{
"url": "https://www.postgresql.org/support/security/CVE-2026-2003/"
}
],
"title": "PostgreSQL oidvector discloses a few bytes of memory"
}
},
"cveMetadata": {
"assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"assignerShortName": "PostgreSQL",
"cveId": "CVE-2026-2003",
"datePublished": "2026-02-12T13:00:06.108Z",
"dateReserved": "2026-02-05T18:17:54.018Z",
"dateUpdated": "2026-02-12T14:33:37.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…