Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-3479 (GCVE-0-2026-3479)
Vulnerability from cvelistv5 – Published: 2026-03-18 18:13 – Updated: 2026-04-07 22:01 Disputed
VLAI
EPSS
Title
pkgutil.get_data() does not enforce documented restrictions
Summary
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.
pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.
Severity
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Python Software Foundation | CPython |
Affected:
0 , < 3.13.13
(python)
Affected: 3.14.0 , < 3.14.4 (python) Affected: 3.15.0a1 , < 3.15.0a8 (python) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-18T18:50:20.603616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-18T18:50:41.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"pkgutil"
],
"product": "CPython",
"vendor": "Python Software Foundation",
"versions": [
{
"lessThan": "3.13.13",
"status": "affected",
"version": "0",
"versionType": "python"
},
{
"lessThan": "3.14.4",
"status": "affected",
"version": "3.14.0",
"versionType": "python"
},
{
"lessThan": "3.15.0a8",
"status": "affected",
"version": "3.15.0a1",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.\u003c/p\u003e\u003cp\u003epkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.\u003c/p\u003e"
}
],
"value": "DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.\n\npkgutil.get_data() did not validate the resource argument as documented, allowing path traversals."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 0,
"baseSeverity": "NONE",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T22:01:35.724Z",
"orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"shortName": "PSF"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/pull/146122"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/python/cpython/issues/146121"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/bcdf231946b1da8bdfbab4c05539bb0cc964a1c7"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/5af6ce3e7b643a30a02d22245c1e3f4a8bc0a1fe"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/cf59bf76470f3d75ad47d80ffb8ce76b64b5e943"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/d786d59a8f7196bb630100a869f28ad13436b59c"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"disputed"
],
"title": "pkgutil.get_data() does not enforce documented restrictions",
"x_generator": {
"engine": "Vulnogram 0.6.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"assignerShortName": "PSF",
"cveId": "CVE-2026-3479",
"datePublished": "2026-03-18T18:13:42.288Z",
"dateReserved": "2026-03-03T14:18:35.394Z",
"dateUpdated": "2026-04-07T22:01:35.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-3479",
"date": "2026-05-26",
"epss": "0.00016",
"percentile": "0.03858"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-3479\",\"sourceIdentifier\":\"cna@python.org\",\"published\":\"2026-03-18T19:16:06.810\",\"lastModified\":\"2026-04-07T18:16:46.740\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[{\"sourceIdentifier\":\"cna@python.org\",\"tags\":[\"disputed\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.\\n\\npkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.\"},{\"lang\":\"es\",\"value\":\"pkgutil.get_data() no valid\u00f3 el argumento de recurso como se document\u00f3, permitiendo recorridos de ruta.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@python.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":0.0,\"baseSeverity\":\"NONE\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"references\":[{\"url\":\"https://github.com/python/cpython/commit/5af6ce3e7b643a30a02d22245c1e3f4a8bc0a1fe\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/commit/bcdf231946b1da8bdfbab4c05539bb0cc964a1c7\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/commit/cf59bf76470f3d75ad47d80ffb8ce76b64b5e943\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/commit/d786d59a8f7196bb630100a869f28ad13436b59c\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/issues/146121\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/pull/146122\",\"source\":\"cna@python.org\"},{\"url\":\"https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/\",\"source\":\"cna@python.org\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-3479\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-18T18:50:20.603616Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-18T18:49:24.573Z\"}}], \"cna\": {\"tags\": [\"disputed\"], \"title\": \"pkgutil.get_data() does not enforce documented restrictions\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 0, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"NONE\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Python Software Foundation\", \"modules\": [\"pkgutil\"], \"product\": \"CPython\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.13.13\", \"versionType\": \"python\"}, {\"status\": \"affected\", \"version\": \"3.14.0\", \"lessThan\": \"3.14.4\", \"versionType\": \"python\"}, {\"status\": \"affected\", \"version\": \"3.15.0a1\", \"lessThan\": \"3.15.0a8\", \"versionType\": \"python\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/python/cpython/pull/146122\", \"tags\": [\"patch\"]}, {\"url\": \"https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/python/cpython/issues/146121\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://github.com/python/cpython/commit/bcdf231946b1da8bdfbab4c05539bb0cc964a1c7\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/python/cpython/commit/5af6ce3e7b643a30a02d22245c1e3f4a8bc0a1fe\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/python/cpython/commit/cf59bf76470f3d75ad47d80ffb8ce76b64b5e943\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/python/cpython/commit/d786d59a8f7196bb630100a869f28ad13436b59c\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.6.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.\\n\\npkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eDISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.\u003c/p\u003e\u003cp\u003epkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.\u003c/p\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"28c92f92-d60d-412d-b760-e73465c3df22\", \"shortName\": \"PSF\", \"dateUpdated\": \"2026-04-07T22:01:35.724Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-3479\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-07T22:01:35.724Z\", \"dateReserved\": \"2026-03-03T14:18:35.394Z\", \"assignerOrgId\": \"28c92f92-d60d-412d-b760-e73465c3df22\", \"datePublished\": \"2026-03-18T18:13:42.288Z\", \"assignerShortName\": \"PSF\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
bit-libpython-2026-3479
Vulnerability from bitnami_vulndb
Published
2026-03-20 09:14
Modified
2026-03-20 09:47
Summary
pkgutil.get_data() does not enforce documented restrictions
Details
pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "libpython",
"purl": "pkg:bitnami/libpython"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15.0"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
],
"aliases": [
"CVE-2026-3479"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"
],
"severity": "Low"
},
"details": "pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.",
"id": "BIT-libpython-2026-3479",
"modified": "2026-03-20T09:47:33.381Z",
"published": "2026-03-20T09:14:06.576Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/bcdf231946b1da8bdfbab4c05539bb0cc964a1c7"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/issues/146121"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/pull/146122"
},
{
"type": "WEB",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3479"
}
],
"schema_version": "1.6.2",
"summary": "pkgutil.get_data() does not enforce documented restrictions"
}
bit-python-2026-3479
Vulnerability from bitnami_vulndb
Published
2026-03-20 09:21
Modified
2026-03-20 09:47
Summary
pkgutil.get_data() does not enforce documented restrictions
Details
pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "python",
"purl": "pkg:bitnami/python"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15.0"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
],
"aliases": [
"CVE-2026-3479"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"
],
"severity": "Low"
},
"details": "pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.",
"id": "BIT-python-2026-3479",
"modified": "2026-03-20T09:47:33.381Z",
"published": "2026-03-20T09:21:01.169Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/bcdf231946b1da8bdfbab4c05539bb0cc964a1c7"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/issues/146121"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/pull/146122"
},
{
"type": "WEB",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3479"
}
],
"schema_version": "1.6.2",
"summary": "pkgutil.get_data() does not enforce documented restrictions"
}
CERTFR-2026-AVI-0317
Vulnerability from certfr_avis - Published: 2026-03-19 - Updated: 2026-03-19
Une vulnérabilité a été découverte dans Python. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CPython sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "CPython",
"vendor": {
"name": "Python",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3479"
}
],
"initial_release_date": "2026-03-19T00:00:00",
"last_revision_date": "2026-03-19T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0317",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Python. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans Python",
"vendor_advisories": [
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 Python WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/"
}
]
}
CERTFR-2026-AVI-0556
Vulnerability from certfr_avis - Published: 2026-05-11 - Updated: 2026-05-11
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 31.3.x antérieures à 3.13.15 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Streaming Server For Kubernetes versions antérieures à 1.3.0 | ||
| VMware | Tanzu | Tanzu Data Flow on Kubernetes versions antérieures à 2.1.0 | ||
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 4.0.x antérieures à 4.0.20 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Backup and Restore versions antérieures à1.33.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Data Copy Utility versions antérieures à 2.9.3 | ||
| VMware | Tanzu | Tanzu for Valkey on Kubernetes versions antérieures à 3.3.4 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Command Center versions 6.17.x antérieures à 6.17.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum on Kubernetes versions antérieures à 1.1.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Platform Extension Framework versions antérieures à 8.0.0 | ||
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 4.2.x antérieures à 4.2.6 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Text versions antérieures à 4.0.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Streaming Server versions antérieures à 2.3.0 | ||
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 4.3.x antérieures à 4.3.0 | ||
| VMware | Tanzu | Tanzu for Valkey on Kubernetes versions antérieures à 3.4.0 | ||
| VMware | Tanzu Gemfire | Tanzu GemFire versions antérieures à 10.2.3 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Upgrade versions antérieures à 2.0.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplumversions antérieures à 7.8.0 | ||
| VMware | Tanzu Gemfire | Tanzu GemFire Vector Database versions antérieures à 1.2.2 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions antérieures à 6.33.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Command Center versions 7.7.x antérieures à 7.7.0 | ||
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 4.1.x antérieures à 4.1.11 | ||
| VMware | Tanzu | Tanzu for MySQL on Kubernetes versions antérieures à 2.0.3 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu RabbitMQ on Kubernetes versions 31.3.x ant\u00e9rieures \u00e0 3.13.15",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Streaming Server For Kubernetes versions ant\u00e9rieures \u00e0 1.3.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Data Flow on Kubernetes versions ant\u00e9rieures \u00e0 2.1.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ on Kubernetes versions 4.0.x ant\u00e9rieures \u00e0 4.0.20",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Backup and Restore versions ant\u00e9rieures \u00e01.33.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Data Copy Utility versions ant\u00e9rieures \u00e0 2.9.3",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for Valkey on Kubernetes versions ant\u00e9rieures \u00e0 3.3.4",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Command Center versions 6.17.x ant\u00e9rieures \u00e0 6.17.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum on Kubernetes versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Platform Extension Framework versions ant\u00e9rieures \u00e0 8.0.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ on Kubernetes versions 4.2.x ant\u00e9rieures \u00e0 4.2.6",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Text versions ant\u00e9rieures \u00e0 4.0.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Streaming Server versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ on Kubernetes versions 4.3.x ant\u00e9rieures \u00e0 4.3.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for Valkey on Kubernetes versions ant\u00e9rieures \u00e0 3.4.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": " Tanzu GemFire versions ant\u00e9rieures \u00e0 10.2.3",
"product": {
"name": "Tanzu Gemfire",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Upgrade versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplumversions ant\u00e9rieures \u00e0 7.8.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire Vector Database versions ant\u00e9rieures \u00e0 1.2.2",
"product": {
"name": "Tanzu Gemfire",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 6.33.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Command Center versions 7.7.x ant\u00e9rieures \u00e0 7.7.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ on Kubernetes versions 4.1.x ant\u00e9rieures \u00e0 4.1.11",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for MySQL on Kubernetes versions ant\u00e9rieures \u00e0 2.0.3\n",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"name": "CVE-2019-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12384"
},
{
"name": "CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"name": "CVE-2025-61730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
},
{
"name": "CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"name": "CVE-2025-15282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
},
{
"name": "CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"name": "CVE-2026-22737",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22737"
},
{
"name": "CVE-2020-26939",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26939"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2026-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4878"
},
{
"name": "CVE-2026-35238",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35238"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2026-27205",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27205"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2026-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32990"
},
{
"name": "CVE-2022-30973",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30973"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2026-1669",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1669"
},
{
"name": "CVE-2026-39892",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"name": "CVE-2021-27906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27906"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"name": "CVE-2026-34267",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34267"
},
{
"name": "CVE-2023-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
},
{
"name": "CVE-2026-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21936"
},
{
"name": "CVE-2026-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21937"
},
{
"name": "CVE-2025-66614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2016-1000341",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000341"
},
{
"name": "CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2020-13956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
},
{
"name": "CVE-2026-35239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35239"
},
{
"name": "CVE-2026-3497",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3497"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"name": "CVE-2026-32288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32288"
},
{
"name": "CVE-2021-36373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36373"
},
{
"name": "CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"name": "CVE-2026-0897",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0897"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2026-34271",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34271"
},
{
"name": "CVE-2019-10094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10094"
},
{
"name": "CVE-2026-24308",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24308"
},
{
"name": "CVE-2025-11468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2026-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3446"
},
{
"name": "CVE-2026-32875",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32875"
},
{
"name": "CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2016-1000343",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000343"
},
{
"name": "CVE-2020-24616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
},
{
"name": "CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"name": "CVE-2022-24613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24613"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2026-27456",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27456"
},
{
"name": "CVE-2026-22701",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22701"
},
{
"name": "CVE-2026-34270",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34270"
},
{
"name": "CVE-2026-34303",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34303"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"name": "CVE-2018-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8036"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2022-26612",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26612"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2026-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22009"
},
{
"name": "CVE-2018-1320",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1320"
},
{
"name": "CVE-2025-13837",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2026-29145",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29145"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2025-49128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49128"
},
{
"name": "CVE-2026-21998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21998"
},
{
"name": "CVE-2019-17558",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17558"
},
{
"name": "CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"name": "CVE-2026-35469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
},
{
"name": "CVE-2020-13955",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13955"
},
{
"name": "CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"name": "CVE-2020-10650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2025-66516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66516"
},
{
"name": "CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"name": "CVE-2016-1000346",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000346"
},
{
"name": "CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2025-9820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
},
{
"name": "CVE-2026-2006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
},
{
"name": "CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"name": "CVE-2026-35236",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35236"
},
{
"name": "CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2021-35516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2026-5121",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5121"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2026-35237",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35237"
},
{
"name": "CVE-2014-0114",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0114"
},
{
"name": "CVE-2026-33236",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33236"
},
{
"name": "CVE-2022-32287",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32287"
},
{
"name": "CVE-2026-2005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2016-1000345",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000345"
},
{
"name": "CVE-2026-24051",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24051"
},
{
"name": "CVE-2022-39135",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39135"
},
{
"name": "CVE-2025-33042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33042"
},
{
"name": "CVE-2026-34073",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34073"
},
{
"name": "CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2026-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22017"
},
{
"name": "CVE-2022-26336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26336"
},
{
"name": "CVE-2024-21244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21244"
},
{
"name": "CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"name": "CVE-2018-1338",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1338"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2023-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2021-29262",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29262"
},
{
"name": "CVE-2020-11113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
},
{
"name": "CVE-2024-21503",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21503"
},
{
"name": "CVE-2016-1000338",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000338"
},
{
"name": "CVE-2026-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
},
{
"name": "CVE-2026-1703",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1703"
},
{
"name": "CVE-2026-25645",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25645"
},
{
"name": "CVE-2026-21860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21860"
},
{
"name": "CVE-2026-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3479"
},
{
"name": "CVE-2024-52012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52012"
},
{
"name": "CVE-2021-35517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2026-39883",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39883"
},
{
"name": "CVE-2026-4424",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4424"
},
{
"name": "CVE-2019-10088",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10088"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"name": "CVE-2026-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1839"
},
{
"name": "CVE-2026-27142",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27142"
},
{
"name": "CVE-2026-34515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34515"
},
{
"name": "CVE-2026-5598",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5598"
},
{
"name": "CVE-2026-34519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34519"
},
{
"name": "CVE-2018-11797",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11797"
},
{
"name": "CVE-2026-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22022"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2026-34304",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34304"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2026-30922",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2019-14439",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2018-8017",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8017"
},
{
"name": "CVE-2020-10969",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2026-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21948"
},
{
"name": "CVE-2025-11143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11143"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2017-15691",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15691"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"name": "CVE-2026-22002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22002"
},
{
"name": "CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"name": "CVE-2026-34518",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34518"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2016-1000342",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000342"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2018-17197",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17197"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2020-11620",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2026-34308",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34308"
},
{
"name": "CVE-2016-1000339",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000339"
},
{
"name": "CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"name": "CVE-2026-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3219"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2023-50291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
},
{
"name": "CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"name": "CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"name": "CVE-2025-21499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21499"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2026-27199",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27199"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2020-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1945"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2021-23926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23926"
},
{
"name": "CVE-2026-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21964"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2026-22731",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22731"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2025-68146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
},
{
"name": "CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"name": "CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2026-34525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34525"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2026-22732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22732"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2020-9492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9492"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2026-32274",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32274"
},
{
"name": "CVE-2026-40192",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
},
{
"name": "CVE-2026-35240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35240"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2026-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22004"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2018-1324",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1324"
},
{
"name": "CVE-2025-10158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10158"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2026-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22001"
},
{
"name": "CVE-2026-32874",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32874"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2026-4539",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4539"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2021-31812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31812"
},
{
"name": "CVE-2026-4519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4519"
},
{
"name": "CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"name": "CVE-2025-13462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13462"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2026-32289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32289"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2021-37404",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37404"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-66221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66221"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2026-4111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4111"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2025-66034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66034"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2020-14195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2019-12814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12814"
},
{
"name": "CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2026-3298",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3298"
},
{
"name": "CVE-2026-6100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6100"
},
{
"name": "CVE-2026-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21968"
},
{
"name": "CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2024-21232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21232"
},
{
"name": "CVE-2020-14061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
},
{
"name": "CVE-2024-9823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9823"
},
{
"name": "CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2026-4224",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4224"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2020-11619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
},
{
"name": "CVE-2019-12415",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12415"
},
{
"name": "CVE-2025-8869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8869"
},
{
"name": "CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"name": "CVE-2026-25854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25854"
},
{
"name": "CVE-2026-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22015"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2021-22573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22573"
},
{
"name": "CVE-2026-23949",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23949"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2026-1519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1519"
},
{
"name": "CVE-2026-2332",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2332"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2018-11761",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11761"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2018-11771",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11771"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2018-1335",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1335"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2026-0915",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
},
{
"name": "CVE-2025-15281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
},
{
"name": "CVE-2025-21493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21493"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2018-11762",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11762"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2026-22733",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22733"
},
{
"name": "CVE-2026-2297",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2297"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2026-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22005"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2016-1000340",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000340"
},
{
"name": "CVE-2026-34516",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34516"
},
{
"name": "CVE-2026-1299",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1299"
},
{
"name": "CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"name": "CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"name": "CVE-2026-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3644"
},
{
"name": "CVE-2026-27140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
},
{
"name": "CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"name": "CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2026-29129",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29129"
},
{
"name": "CVE-2022-31159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31159"
},
{
"name": "CVE-2026-22735",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22735"
},
{
"name": "CVE-2026-34517",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34517"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2020-15522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15522"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2018-1339",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1339"
},
{
"name": "CVE-2016-1000352",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000352"
},
{
"name": "CVE-2026-27139",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27139"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-14009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14009"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2019-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
},
{
"name": "CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2026-34278",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34278"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2026-34513",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34513"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2026-2003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"name": "CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"name": "CVE-2026-34514",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34514"
},
{
"name": "CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2019-10086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10086"
},
{
"name": "CVE-2020-10968",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1194"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-14819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14819"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2026-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4786"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2026-27141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27141"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"name": "CVE-2016-1000344",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000344"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2017-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3164"
},
{
"name": "CVE-2026-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41066"
},
{
"name": "CVE-2026-34520",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34520"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2025-59419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2026-24880",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24880"
},
{
"name": "CVE-2021-35515",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
},
{
"name": "CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"name": "CVE-2026-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
},
{
"name": "CVE-2026-0672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
},
{
"name": "CVE-2017-7669",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7669"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2017-8806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2019-0193",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0193"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2026-33231",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33231"
},
{
"name": "CVE-2022-30126",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30126"
},
{
"name": "CVE-2025-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
},
{
"name": "CVE-2020-11112",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2018-1000180",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2026-34276",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34276"
},
{
"name": "CVE-2022-24614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24614"
},
{
"name": "CVE-2026-22815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22815"
},
{
"name": "CVE-2020-13959",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13959"
},
{
"name": "CVE-2025-24814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24814"
},
{
"name": "CVE-2020-11111",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
},
{
"name": "CVE-2020-11979",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11979"
},
{
"name": "CVE-2025-67221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67221"
},
{
"name": "CVE-2024-21243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21243"
},
{
"name": "CVE-2026-33230",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33230"
},
{
"name": "CVE-2021-31811",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31811"
},
{
"name": "CVE-2021-27807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27807"
},
{
"name": "CVE-2026-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
},
{
"name": "CVE-2026-24281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24281"
},
{
"name": "CVE-2026-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1462"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2022-25168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25168"
},
{
"name": "CVE-2026-34293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34293"
},
{
"name": "CVE-2020-14060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
},
{
"name": "CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2018-11802",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11802"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-14831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14831"
},
{
"name": "CVE-2018-11796",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11796"
},
{
"name": "CVE-2020-13957",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13957"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"name": "CVE-2018-1000632",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000632"
},
{
"name": "CVE-2026-0846",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0846"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
},
{
"name": "CVE-2020-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
}
],
"initial_release_date": "2026-05-11T00:00:00",
"last_revision_date": "2026-05-11T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0556",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37451",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37451"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37445",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37445"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37460",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37460"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37449",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37449"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37450",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37450"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37466",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37466"
},
{
"published_at": "2026-05-08",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37468",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37468"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37444",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37444"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37461",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37461"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2016-11",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37459"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37446",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37446"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37465",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37465"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37448",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37448"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37447",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37447"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37463",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37463"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37452",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37452"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37462",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37462"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37464",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37464"
}
]
}
FKIE_CVE-2026-3479
Vulnerability from fkie_nvd - Published: 2026-03-18 19:16 - Updated: 2026-04-07 18:16
Severity
Summary
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.
pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.
References
| URL | Tags | ||
|---|---|---|---|
| cna@python.org | https://github.com/python/cpython/commit/5af6ce3e7b643a30a02d22245c1e3f4a8bc0a1fe | ||
| cna@python.org | https://github.com/python/cpython/commit/bcdf231946b1da8bdfbab4c05539bb0cc964a1c7 | ||
| cna@python.org | https://github.com/python/cpython/commit/cf59bf76470f3d75ad47d80ffb8ce76b64b5e943 | ||
| cna@python.org | https://github.com/python/cpython/commit/d786d59a8f7196bb630100a869f28ad13436b59c | ||
| cna@python.org | https://github.com/python/cpython/issues/146121 | ||
| cna@python.org | https://github.com/python/cpython/pull/146122 | ||
| cna@python.org | https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [
{
"sourceIdentifier": "cna@python.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.\n\npkgutil.get_data() did not validate the resource argument as documented, allowing path traversals."
},
{
"lang": "es",
"value": "pkgutil.get_data() no valid\u00f3 el argumento de recurso como se document\u00f3, permitiendo recorridos de ruta."
}
],
"id": "CVE-2026-3479",
"lastModified": "2026-04-07T18:16:46.740",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@python.org",
"type": "Secondary"
}
]
},
"published": "2026-03-18T19:16:06.810",
"references": [
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/5af6ce3e7b643a30a02d22245c1e3f4a8bc0a1fe"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/bcdf231946b1da8bdfbab4c05539bb0cc964a1c7"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/cf59bf76470f3d75ad47d80ffb8ce76b64b5e943"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/d786d59a8f7196bb630100a869f28ad13436b59c"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/issues/146121"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/pull/146122"
},
{
"source": "cna@python.org",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/"
}
],
"sourceIdentifier": "cna@python.org",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-43RW-359F-4H89
Vulnerability from github – Published: 2026-03-18 21:32 – Updated: 2026-04-07 18:31
VLAI
Details
pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.
Severity
{
"affected": [],
"aliases": [
"CVE-2026-3479"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-18T19:16:06Z",
"severity": "LOW"
},
"details": "pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.",
"id": "GHSA-43rw-359f-4h89",
"modified": "2026-04-07T18:31:29Z",
"published": "2026-03-18T21:32:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3479"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/issues/146121"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/pull/146122"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/5af6ce3e7b643a30a02d22245c1e3f4a8bc0a1fe"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/bcdf231946b1da8bdfbab4c05539bb0cc964a1c7"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/cf59bf76470f3d75ad47d80ffb8ce76b64b5e943"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/d786d59a8f7196bb630100a869f28ad13436b59c"
},
{
"type": "WEB",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
MSRC_CVE-2026-3479
Vulnerability from csaf_microsoft - Published: 2026-03-02 00:00 - Updated: 2026-04-22 01:38Summary
pkgutil.get_data() does not enforce documented restrictions
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-3 | — |
None Available
|
|
| Unresolved product id: 17086-4 | — |
None Available
|
|
| Unresolved product id: 17084-1 | — |
None Available
|
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-2 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-3479 pkgutil.get_data() does not enforce documented restrictions - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-3479.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "pkgutil.get_data() does not enforce documented restrictions",
"tracking": {
"current_release_date": "2026-04-22T01:38:01.000Z",
"generator": {
"date": "2026-04-22T20:55:47.501Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-3479",
"initial_release_date": "2026-03-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-03-21T01:03:01.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-03-31T15:08:56.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-04-22T01:38:01.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 python3 0:3.12.9-9.azl3",
"product": {
"name": "azl3 python3 0:3.12.9-9.azl3",
"product_id": "3"
}
},
{
"category": "product_version_range",
"name": "cbl2 python3 0:3.9.19-19.cbl2",
"product": {
"name": "cbl2 python3 0:3.9.19-19.cbl2",
"product_id": "4"
}
},
{
"category": "product_version_range",
"name": "azl3 python3 0:3.12.9-10.azl3",
"product": {
"name": "azl3 python3 0:3.12.9-10.azl3",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "python3"
},
{
"category": "product_name",
"name": "azl3 tensorflow 0:2.16.1-11.azl3",
"product": {
"name": "azl3 tensorflow 0:2.16.1-11.azl3",
"product_id": "2"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python3 0:3.12.9-9.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 tensorflow 0:2.16.1-11.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 python3 0:3.9.19-19.cbl2 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python3 0:3.12.9-10.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-3479",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-2"
]
}
],
"notes": [
{
"category": "general",
"text": "PSF",
"title": "Assigning CNA"
}
],
"product_status": {
"known_affected": [
"17084-3",
"17086-4",
"17084-1"
],
"known_not_affected": [
"17084-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-3479 pkgutil.get_data() does not enforce documented restrictions - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-3479.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2026-03-21T01:03:01.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-3"
]
},
{
"category": "none_available",
"date": "2026-03-21T01:03:01.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-4"
]
},
{
"category": "none_available",
"date": "2026-03-21T01:03:01.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-1"
]
}
],
"title": "pkgutil.get_data() does not enforce documented restrictions"
}
]
}
OPENSUSE-SU-2026:10520-1
Vulnerability from csaf_opensuse - Published: 2026-04-09 00:00 - Updated: 2026-04-09 00:00Summary
python310-3.10.20-4.1 on GA media
Severity
Moderate
Notes
Title of the patch: python310-3.10.20-4.1 on GA media
Description of the patch: These are all security issues fixed in the python310-3.10.20-4.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10520
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python310-3.10.20-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-3.10.20-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-3.10.20-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-3.10.20-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-curses-3.10.20-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-curses-3.10.20-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-curses-3.10.20-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-curses-3.10.20-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-idle-3.10.20-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-idle-3.10.20-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-idle-3.10.20-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-idle-3.10.20-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-tk-3.10.20-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-tk-3.10.20-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-tk-3.10.20-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-tk-3.10.20-4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python310-3.10.20-4.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python310-3.10.20-4.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10520",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10520-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-3479 page",
"url": "https://www.suse.com/security/cve/CVE-2026-3479/"
}
],
"title": "python310-3.10.20-4.1 on GA media",
"tracking": {
"current_release_date": "2026-04-09T00:00:00Z",
"generator": {
"date": "2026-04-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10520-1",
"initial_release_date": "2026-04-09T00:00:00Z",
"revision_history": [
{
"date": "2026-04-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python310-3.10.20-4.1.aarch64",
"product": {
"name": "python310-3.10.20-4.1.aarch64",
"product_id": "python310-3.10.20-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python310-curses-3.10.20-4.1.aarch64",
"product": {
"name": "python310-curses-3.10.20-4.1.aarch64",
"product_id": "python310-curses-3.10.20-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python310-dbm-3.10.20-4.1.aarch64",
"product": {
"name": "python310-dbm-3.10.20-4.1.aarch64",
"product_id": "python310-dbm-3.10.20-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python310-idle-3.10.20-4.1.aarch64",
"product": {
"name": "python310-idle-3.10.20-4.1.aarch64",
"product_id": "python310-idle-3.10.20-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python310-tk-3.10.20-4.1.aarch64",
"product": {
"name": "python310-tk-3.10.20-4.1.aarch64",
"product_id": "python310-tk-3.10.20-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-3.10.20-4.1.ppc64le",
"product": {
"name": "python310-3.10.20-4.1.ppc64le",
"product_id": "python310-3.10.20-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python310-curses-3.10.20-4.1.ppc64le",
"product": {
"name": "python310-curses-3.10.20-4.1.ppc64le",
"product_id": "python310-curses-3.10.20-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python310-dbm-3.10.20-4.1.ppc64le",
"product": {
"name": "python310-dbm-3.10.20-4.1.ppc64le",
"product_id": "python310-dbm-3.10.20-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python310-idle-3.10.20-4.1.ppc64le",
"product": {
"name": "python310-idle-3.10.20-4.1.ppc64le",
"product_id": "python310-idle-3.10.20-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python310-tk-3.10.20-4.1.ppc64le",
"product": {
"name": "python310-tk-3.10.20-4.1.ppc64le",
"product_id": "python310-tk-3.10.20-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-3.10.20-4.1.s390x",
"product": {
"name": "python310-3.10.20-4.1.s390x",
"product_id": "python310-3.10.20-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python310-curses-3.10.20-4.1.s390x",
"product": {
"name": "python310-curses-3.10.20-4.1.s390x",
"product_id": "python310-curses-3.10.20-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python310-dbm-3.10.20-4.1.s390x",
"product": {
"name": "python310-dbm-3.10.20-4.1.s390x",
"product_id": "python310-dbm-3.10.20-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python310-idle-3.10.20-4.1.s390x",
"product": {
"name": "python310-idle-3.10.20-4.1.s390x",
"product_id": "python310-idle-3.10.20-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python310-tk-3.10.20-4.1.s390x",
"product": {
"name": "python310-tk-3.10.20-4.1.s390x",
"product_id": "python310-tk-3.10.20-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-3.10.20-4.1.x86_64",
"product": {
"name": "python310-3.10.20-4.1.x86_64",
"product_id": "python310-3.10.20-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python310-curses-3.10.20-4.1.x86_64",
"product": {
"name": "python310-curses-3.10.20-4.1.x86_64",
"product_id": "python310-curses-3.10.20-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python310-dbm-3.10.20-4.1.x86_64",
"product": {
"name": "python310-dbm-3.10.20-4.1.x86_64",
"product_id": "python310-dbm-3.10.20-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python310-idle-3.10.20-4.1.x86_64",
"product": {
"name": "python310-idle-3.10.20-4.1.x86_64",
"product_id": "python310-idle-3.10.20-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python310-tk-3.10.20-4.1.x86_64",
"product": {
"name": "python310-tk-3.10.20-4.1.x86_64",
"product_id": "python310-tk-3.10.20-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-3.10.20-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-3.10.20-4.1.aarch64"
},
"product_reference": "python310-3.10.20-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-3.10.20-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-3.10.20-4.1.ppc64le"
},
"product_reference": "python310-3.10.20-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-3.10.20-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-3.10.20-4.1.s390x"
},
"product_reference": "python310-3.10.20-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-3.10.20-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-3.10.20-4.1.x86_64"
},
"product_reference": "python310-3.10.20-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-curses-3.10.20-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-curses-3.10.20-4.1.aarch64"
},
"product_reference": "python310-curses-3.10.20-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-curses-3.10.20-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-curses-3.10.20-4.1.ppc64le"
},
"product_reference": "python310-curses-3.10.20-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-curses-3.10.20-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-curses-3.10.20-4.1.s390x"
},
"product_reference": "python310-curses-3.10.20-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-curses-3.10.20-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-curses-3.10.20-4.1.x86_64"
},
"product_reference": "python310-curses-3.10.20-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-dbm-3.10.20-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.aarch64"
},
"product_reference": "python310-dbm-3.10.20-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-dbm-3.10.20-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.ppc64le"
},
"product_reference": "python310-dbm-3.10.20-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-dbm-3.10.20-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.s390x"
},
"product_reference": "python310-dbm-3.10.20-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-dbm-3.10.20-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.x86_64"
},
"product_reference": "python310-dbm-3.10.20-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-idle-3.10.20-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-idle-3.10.20-4.1.aarch64"
},
"product_reference": "python310-idle-3.10.20-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-idle-3.10.20-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-idle-3.10.20-4.1.ppc64le"
},
"product_reference": "python310-idle-3.10.20-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-idle-3.10.20-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-idle-3.10.20-4.1.s390x"
},
"product_reference": "python310-idle-3.10.20-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-idle-3.10.20-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-idle-3.10.20-4.1.x86_64"
},
"product_reference": "python310-idle-3.10.20-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-tk-3.10.20-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-tk-3.10.20-4.1.aarch64"
},
"product_reference": "python310-tk-3.10.20-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-tk-3.10.20-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-tk-3.10.20-4.1.ppc64le"
},
"product_reference": "python310-tk-3.10.20-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-tk-3.10.20-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-tk-3.10.20-4.1.s390x"
},
"product_reference": "python310-tk-3.10.20-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-tk-3.10.20-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-tk-3.10.20-4.1.x86_64"
},
"product_reference": "python310-tk-3.10.20-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-3479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-3479"
}
],
"notes": [
{
"category": "general",
"text": "DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.\n\npkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-3479",
"url": "https://www.suse.com/security/cve/CVE-2026-3479"
},
{
"category": "external",
"summary": "SUSE Bug 1259989 for CVE-2026-3479",
"url": "https://bugzilla.suse.com/1259989"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-curses-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-dbm-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-idle-3.10.20-4.1.x86_64",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.aarch64",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.ppc64le",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.s390x",
"openSUSE Tumbleweed:python310-tk-3.10.20-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2026-3479"
}
]
}
OPENSUSE-SU-2026:10521-1
Vulnerability from csaf_opensuse - Published: 2026-04-09 00:00 - Updated: 2026-04-09 00:00Summary
python312-3.12.13-5.1 on GA media
Severity
Moderate
Notes
Title of the patch: python312-3.12.13-5.1 on GA media
Description of the patch: These are all security issues fixed in the python312-3.12.13-5.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10521
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python312-3.12.13-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-3.12.13-5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-3.12.13-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-3.12.13-5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-curses-3.12.13-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-curses-3.12.13-5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-curses-3.12.13-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-curses-3.12.13-5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-idle-3.12.13-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-idle-3.12.13-5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-idle-3.12.13-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-idle-3.12.13-5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-tk-3.12.13-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-tk-3.12.13-5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-tk-3.12.13-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-tk-3.12.13-5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python312-3.12.13-5.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python312-3.12.13-5.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10521",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10521-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-3479 page",
"url": "https://www.suse.com/security/cve/CVE-2026-3479/"
}
],
"title": "python312-3.12.13-5.1 on GA media",
"tracking": {
"current_release_date": "2026-04-09T00:00:00Z",
"generator": {
"date": "2026-04-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10521-1",
"initial_release_date": "2026-04-09T00:00:00Z",
"revision_history": [
{
"date": "2026-04-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python312-3.12.13-5.1.aarch64",
"product": {
"name": "python312-3.12.13-5.1.aarch64",
"product_id": "python312-3.12.13-5.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-curses-3.12.13-5.1.aarch64",
"product": {
"name": "python312-curses-3.12.13-5.1.aarch64",
"product_id": "python312-curses-3.12.13-5.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-dbm-3.12.13-5.1.aarch64",
"product": {
"name": "python312-dbm-3.12.13-5.1.aarch64",
"product_id": "python312-dbm-3.12.13-5.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-idle-3.12.13-5.1.aarch64",
"product": {
"name": "python312-idle-3.12.13-5.1.aarch64",
"product_id": "python312-idle-3.12.13-5.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-tk-3.12.13-5.1.aarch64",
"product": {
"name": "python312-tk-3.12.13-5.1.aarch64",
"product_id": "python312-tk-3.12.13-5.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-x86-64-v3-3.12.13-5.1.aarch64",
"product": {
"name": "python312-x86-64-v3-3.12.13-5.1.aarch64",
"product_id": "python312-x86-64-v3-3.12.13-5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python312-3.12.13-5.1.ppc64le",
"product": {
"name": "python312-3.12.13-5.1.ppc64le",
"product_id": "python312-3.12.13-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-curses-3.12.13-5.1.ppc64le",
"product": {
"name": "python312-curses-3.12.13-5.1.ppc64le",
"product_id": "python312-curses-3.12.13-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-dbm-3.12.13-5.1.ppc64le",
"product": {
"name": "python312-dbm-3.12.13-5.1.ppc64le",
"product_id": "python312-dbm-3.12.13-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-idle-3.12.13-5.1.ppc64le",
"product": {
"name": "python312-idle-3.12.13-5.1.ppc64le",
"product_id": "python312-idle-3.12.13-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-tk-3.12.13-5.1.ppc64le",
"product": {
"name": "python312-tk-3.12.13-5.1.ppc64le",
"product_id": "python312-tk-3.12.13-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-x86-64-v3-3.12.13-5.1.ppc64le",
"product": {
"name": "python312-x86-64-v3-3.12.13-5.1.ppc64le",
"product_id": "python312-x86-64-v3-3.12.13-5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python312-3.12.13-5.1.s390x",
"product": {
"name": "python312-3.12.13-5.1.s390x",
"product_id": "python312-3.12.13-5.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-curses-3.12.13-5.1.s390x",
"product": {
"name": "python312-curses-3.12.13-5.1.s390x",
"product_id": "python312-curses-3.12.13-5.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-dbm-3.12.13-5.1.s390x",
"product": {
"name": "python312-dbm-3.12.13-5.1.s390x",
"product_id": "python312-dbm-3.12.13-5.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-idle-3.12.13-5.1.s390x",
"product": {
"name": "python312-idle-3.12.13-5.1.s390x",
"product_id": "python312-idle-3.12.13-5.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-tk-3.12.13-5.1.s390x",
"product": {
"name": "python312-tk-3.12.13-5.1.s390x",
"product_id": "python312-tk-3.12.13-5.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-x86-64-v3-3.12.13-5.1.s390x",
"product": {
"name": "python312-x86-64-v3-3.12.13-5.1.s390x",
"product_id": "python312-x86-64-v3-3.12.13-5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python312-3.12.13-5.1.x86_64",
"product": {
"name": "python312-3.12.13-5.1.x86_64",
"product_id": "python312-3.12.13-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-curses-3.12.13-5.1.x86_64",
"product": {
"name": "python312-curses-3.12.13-5.1.x86_64",
"product_id": "python312-curses-3.12.13-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-dbm-3.12.13-5.1.x86_64",
"product": {
"name": "python312-dbm-3.12.13-5.1.x86_64",
"product_id": "python312-dbm-3.12.13-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-idle-3.12.13-5.1.x86_64",
"product": {
"name": "python312-idle-3.12.13-5.1.x86_64",
"product_id": "python312-idle-3.12.13-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-tk-3.12.13-5.1.x86_64",
"product": {
"name": "python312-tk-3.12.13-5.1.x86_64",
"product_id": "python312-tk-3.12.13-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-x86-64-v3-3.12.13-5.1.x86_64",
"product": {
"name": "python312-x86-64-v3-3.12.13-5.1.x86_64",
"product_id": "python312-x86-64-v3-3.12.13-5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-3.12.13-5.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-3.12.13-5.1.aarch64"
},
"product_reference": "python312-3.12.13-5.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-3.12.13-5.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-3.12.13-5.1.ppc64le"
},
"product_reference": "python312-3.12.13-5.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-3.12.13-5.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-3.12.13-5.1.s390x"
},
"product_reference": "python312-3.12.13-5.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-3.12.13-5.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-3.12.13-5.1.x86_64"
},
"product_reference": "python312-3.12.13-5.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-curses-3.12.13-5.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-curses-3.12.13-5.1.aarch64"
},
"product_reference": "python312-curses-3.12.13-5.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-curses-3.12.13-5.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-curses-3.12.13-5.1.ppc64le"
},
"product_reference": "python312-curses-3.12.13-5.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-curses-3.12.13-5.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-curses-3.12.13-5.1.s390x"
},
"product_reference": "python312-curses-3.12.13-5.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-curses-3.12.13-5.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-curses-3.12.13-5.1.x86_64"
},
"product_reference": "python312-curses-3.12.13-5.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-dbm-3.12.13-5.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.aarch64"
},
"product_reference": "python312-dbm-3.12.13-5.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-dbm-3.12.13-5.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.ppc64le"
},
"product_reference": "python312-dbm-3.12.13-5.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-dbm-3.12.13-5.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.s390x"
},
"product_reference": "python312-dbm-3.12.13-5.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-dbm-3.12.13-5.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.x86_64"
},
"product_reference": "python312-dbm-3.12.13-5.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-idle-3.12.13-5.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-idle-3.12.13-5.1.aarch64"
},
"product_reference": "python312-idle-3.12.13-5.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-idle-3.12.13-5.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-idle-3.12.13-5.1.ppc64le"
},
"product_reference": "python312-idle-3.12.13-5.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-idle-3.12.13-5.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-idle-3.12.13-5.1.s390x"
},
"product_reference": "python312-idle-3.12.13-5.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-idle-3.12.13-5.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-idle-3.12.13-5.1.x86_64"
},
"product_reference": "python312-idle-3.12.13-5.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-tk-3.12.13-5.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-tk-3.12.13-5.1.aarch64"
},
"product_reference": "python312-tk-3.12.13-5.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-tk-3.12.13-5.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-tk-3.12.13-5.1.ppc64le"
},
"product_reference": "python312-tk-3.12.13-5.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-tk-3.12.13-5.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-tk-3.12.13-5.1.s390x"
},
"product_reference": "python312-tk-3.12.13-5.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-tk-3.12.13-5.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-tk-3.12.13-5.1.x86_64"
},
"product_reference": "python312-tk-3.12.13-5.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-x86-64-v3-3.12.13-5.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.aarch64"
},
"product_reference": "python312-x86-64-v3-3.12.13-5.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-x86-64-v3-3.12.13-5.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.ppc64le"
},
"product_reference": "python312-x86-64-v3-3.12.13-5.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-x86-64-v3-3.12.13-5.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.s390x"
},
"product_reference": "python312-x86-64-v3-3.12.13-5.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-x86-64-v3-3.12.13-5.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.x86_64"
},
"product_reference": "python312-x86-64-v3-3.12.13-5.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-3479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-3479"
}
],
"notes": [
{
"category": "general",
"text": "DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.\n\npkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-3479",
"url": "https://www.suse.com/security/cve/CVE-2026-3479"
},
{
"category": "external",
"summary": "SUSE Bug 1259989 for CVE-2026-3479",
"url": "https://bugzilla.suse.com/1259989"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-curses-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-dbm-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-idle-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-tk-3.12.13-5.1.x86_64",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.aarch64",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.ppc64le",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.s390x",
"openSUSE Tumbleweed:python312-x86-64-v3-3.12.13-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2026-3479"
}
]
}
OPENSUSE-SU-2026:10522-1
Vulnerability from csaf_opensuse - Published: 2026-04-09 00:00 - Updated: 2026-04-09 00:00Summary
python315-3.15.0~a8-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: python315-3.15.0~a8-1.1 on GA media
Description of the patch: These are all security issues fixed in the python315-3.15.0~a8-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10522
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python315-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python315-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
8 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2026-2297/ | self |
| https://www.suse.com/security/cve/CVE-2026-3479/ | self |
| https://www.suse.com/security/cve/CVE-2026-2297 | external |
| https://bugzilla.suse.com/1259240 | external |
| https://www.suse.com/security/cve/CVE-2026-3479 | external |
| https://bugzilla.suse.com/1259989 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python315-3.15.0~a8-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python315-3.15.0~a8-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10522",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10522-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2297 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-3479 page",
"url": "https://www.suse.com/security/cve/CVE-2026-3479/"
}
],
"title": "python315-3.15.0~a8-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-09T00:00:00Z",
"generator": {
"date": "2026-04-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10522-1",
"initial_release_date": "2026-04-09T00:00:00Z",
"revision_history": [
{
"date": "2026-04-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python315-3.15.0~a8-1.1.aarch64",
"product": {
"name": "python315-3.15.0~a8-1.1.aarch64",
"product_id": "python315-3.15.0~a8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-curses-3.15.0~a8-1.1.aarch64",
"product": {
"name": "python315-curses-3.15.0~a8-1.1.aarch64",
"product_id": "python315-curses-3.15.0~a8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-dbm-3.15.0~a8-1.1.aarch64",
"product": {
"name": "python315-dbm-3.15.0~a8-1.1.aarch64",
"product_id": "python315-dbm-3.15.0~a8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-idle-3.15.0~a8-1.1.aarch64",
"product": {
"name": "python315-idle-3.15.0~a8-1.1.aarch64",
"product_id": "python315-idle-3.15.0~a8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-profiling-3.15.0~a8-1.1.aarch64",
"product": {
"name": "python315-profiling-3.15.0~a8-1.1.aarch64",
"product_id": "python315-profiling-3.15.0~a8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-tk-3.15.0~a8-1.1.aarch64",
"product": {
"name": "python315-tk-3.15.0~a8-1.1.aarch64",
"product_id": "python315-tk-3.15.0~a8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-x86-64-v3-3.15.0~a8-1.1.aarch64",
"product": {
"name": "python315-x86-64-v3-3.15.0~a8-1.1.aarch64",
"product_id": "python315-x86-64-v3-3.15.0~a8-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python315-3.15.0~a8-1.1.ppc64le",
"product": {
"name": "python315-3.15.0~a8-1.1.ppc64le",
"product_id": "python315-3.15.0~a8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-curses-3.15.0~a8-1.1.ppc64le",
"product": {
"name": "python315-curses-3.15.0~a8-1.1.ppc64le",
"product_id": "python315-curses-3.15.0~a8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-dbm-3.15.0~a8-1.1.ppc64le",
"product": {
"name": "python315-dbm-3.15.0~a8-1.1.ppc64le",
"product_id": "python315-dbm-3.15.0~a8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-idle-3.15.0~a8-1.1.ppc64le",
"product": {
"name": "python315-idle-3.15.0~a8-1.1.ppc64le",
"product_id": "python315-idle-3.15.0~a8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-profiling-3.15.0~a8-1.1.ppc64le",
"product": {
"name": "python315-profiling-3.15.0~a8-1.1.ppc64le",
"product_id": "python315-profiling-3.15.0~a8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-tk-3.15.0~a8-1.1.ppc64le",
"product": {
"name": "python315-tk-3.15.0~a8-1.1.ppc64le",
"product_id": "python315-tk-3.15.0~a8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-x86-64-v3-3.15.0~a8-1.1.ppc64le",
"product": {
"name": "python315-x86-64-v3-3.15.0~a8-1.1.ppc64le",
"product_id": "python315-x86-64-v3-3.15.0~a8-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python315-3.15.0~a8-1.1.s390x",
"product": {
"name": "python315-3.15.0~a8-1.1.s390x",
"product_id": "python315-3.15.0~a8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-curses-3.15.0~a8-1.1.s390x",
"product": {
"name": "python315-curses-3.15.0~a8-1.1.s390x",
"product_id": "python315-curses-3.15.0~a8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-dbm-3.15.0~a8-1.1.s390x",
"product": {
"name": "python315-dbm-3.15.0~a8-1.1.s390x",
"product_id": "python315-dbm-3.15.0~a8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-idle-3.15.0~a8-1.1.s390x",
"product": {
"name": "python315-idle-3.15.0~a8-1.1.s390x",
"product_id": "python315-idle-3.15.0~a8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-profiling-3.15.0~a8-1.1.s390x",
"product": {
"name": "python315-profiling-3.15.0~a8-1.1.s390x",
"product_id": "python315-profiling-3.15.0~a8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-tk-3.15.0~a8-1.1.s390x",
"product": {
"name": "python315-tk-3.15.0~a8-1.1.s390x",
"product_id": "python315-tk-3.15.0~a8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-x86-64-v3-3.15.0~a8-1.1.s390x",
"product": {
"name": "python315-x86-64-v3-3.15.0~a8-1.1.s390x",
"product_id": "python315-x86-64-v3-3.15.0~a8-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python315-3.15.0~a8-1.1.x86_64",
"product": {
"name": "python315-3.15.0~a8-1.1.x86_64",
"product_id": "python315-3.15.0~a8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-curses-3.15.0~a8-1.1.x86_64",
"product": {
"name": "python315-curses-3.15.0~a8-1.1.x86_64",
"product_id": "python315-curses-3.15.0~a8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-dbm-3.15.0~a8-1.1.x86_64",
"product": {
"name": "python315-dbm-3.15.0~a8-1.1.x86_64",
"product_id": "python315-dbm-3.15.0~a8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-idle-3.15.0~a8-1.1.x86_64",
"product": {
"name": "python315-idle-3.15.0~a8-1.1.x86_64",
"product_id": "python315-idle-3.15.0~a8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-profiling-3.15.0~a8-1.1.x86_64",
"product": {
"name": "python315-profiling-3.15.0~a8-1.1.x86_64",
"product_id": "python315-profiling-3.15.0~a8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-tk-3.15.0~a8-1.1.x86_64",
"product": {
"name": "python315-tk-3.15.0~a8-1.1.x86_64",
"product_id": "python315-tk-3.15.0~a8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-x86-64-v3-3.15.0~a8-1.1.x86_64",
"product": {
"name": "python315-x86-64-v3-3.15.0~a8-1.1.x86_64",
"product_id": "python315-x86-64-v3-3.15.0~a8-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-3.15.0~a8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-3.15.0~a8-1.1.aarch64"
},
"product_reference": "python315-3.15.0~a8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-3.15.0~a8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-3.15.0~a8-1.1.ppc64le"
},
"product_reference": "python315-3.15.0~a8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-3.15.0~a8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-3.15.0~a8-1.1.s390x"
},
"product_reference": "python315-3.15.0~a8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-3.15.0~a8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-3.15.0~a8-1.1.x86_64"
},
"product_reference": "python315-3.15.0~a8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-curses-3.15.0~a8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.aarch64"
},
"product_reference": "python315-curses-3.15.0~a8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-curses-3.15.0~a8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.ppc64le"
},
"product_reference": "python315-curses-3.15.0~a8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-curses-3.15.0~a8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.s390x"
},
"product_reference": "python315-curses-3.15.0~a8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-curses-3.15.0~a8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.x86_64"
},
"product_reference": "python315-curses-3.15.0~a8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-dbm-3.15.0~a8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.aarch64"
},
"product_reference": "python315-dbm-3.15.0~a8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-dbm-3.15.0~a8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.ppc64le"
},
"product_reference": "python315-dbm-3.15.0~a8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-dbm-3.15.0~a8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.s390x"
},
"product_reference": "python315-dbm-3.15.0~a8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-dbm-3.15.0~a8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.x86_64"
},
"product_reference": "python315-dbm-3.15.0~a8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-idle-3.15.0~a8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.aarch64"
},
"product_reference": "python315-idle-3.15.0~a8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-idle-3.15.0~a8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.ppc64le"
},
"product_reference": "python315-idle-3.15.0~a8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-idle-3.15.0~a8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.s390x"
},
"product_reference": "python315-idle-3.15.0~a8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-idle-3.15.0~a8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.x86_64"
},
"product_reference": "python315-idle-3.15.0~a8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-profiling-3.15.0~a8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.aarch64"
},
"product_reference": "python315-profiling-3.15.0~a8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-profiling-3.15.0~a8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.ppc64le"
},
"product_reference": "python315-profiling-3.15.0~a8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-profiling-3.15.0~a8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.s390x"
},
"product_reference": "python315-profiling-3.15.0~a8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-profiling-3.15.0~a8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.x86_64"
},
"product_reference": "python315-profiling-3.15.0~a8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-tk-3.15.0~a8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.aarch64"
},
"product_reference": "python315-tk-3.15.0~a8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-tk-3.15.0~a8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.ppc64le"
},
"product_reference": "python315-tk-3.15.0~a8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-tk-3.15.0~a8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.s390x"
},
"product_reference": "python315-tk-3.15.0~a8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-tk-3.15.0~a8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.x86_64"
},
"product_reference": "python315-tk-3.15.0~a8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-x86-64-v3-3.15.0~a8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.aarch64"
},
"product_reference": "python315-x86-64-v3-3.15.0~a8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-x86-64-v3-3.15.0~a8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.ppc64le"
},
"product_reference": "python315-x86-64-v3-3.15.0~a8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-x86-64-v3-3.15.0~a8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.s390x"
},
"product_reference": "python315-x86-64-v3-3.15.0~a8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-x86-64-v3-3.15.0~a8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.x86_64"
},
"product_reference": "python315-x86-64-v3-3.15.0~a8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-2297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2297"
}
],
"notes": [
{
"category": "general",
"text": "The import hook in CPython that handles legacy *.pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2297",
"url": "https://www.suse.com/security/cve/CVE-2026-2297"
},
{
"category": "external",
"summary": "SUSE Bug 1259240 for CVE-2026-2297",
"url": "https://bugzilla.suse.com/1259240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-2297"
},
{
"cve": "CVE-2026-3479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-3479"
}
],
"notes": [
{
"category": "general",
"text": "DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.\n\npkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-3479",
"url": "https://www.suse.com/security/cve/CVE-2026-3479"
},
{
"category": "external",
"summary": "SUSE Bug 1259989 for CVE-2026-3479",
"url": "https://bugzilla.suse.com/1259989"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a8-1.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2026-3479"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…