Lucene search
K

8 matches found

OSV
OSV
added 2026/03/04 10:10 p.m.5 views

CVE-2026-2297 SourcelessFileLoader does not use io.open_code()

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.7CVSS6.1AI score0.00202EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/03/04 10:10 p.m.7 views

CVE-2026-2297

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.7CVSS5.9AI score0.00202EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/03/04 10:10 p.m.10 views

CVE-2026-2297

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.7CVSS5.2AI score0.00202EPSS
Exploits0
Debian
Debian
added 2025/09/03 7:36 p.m.6 views

[SECURITY] [DLA 4291-1] node-cipher-base security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4291-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 03, 2025 https://wiki.debian.org/LTS -...

9.1CVSS7AI score0.0047EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/27 5:39 a.m.5 views

Malicious code in crypto-base-class-new (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6367d8d4ea69716ade6df0bdc1288d33b7d0028c1e4416d2dc3f587f853cfe5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:14 a.m.4 views

CVE-2023-30857

@aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Prior to version 0.6.1, there is a possible prototype pollution issue for the MetadataRecord, when merged with a base class' metadata object, in meta decorator from the @aedart/support package. The...

3.7CVSS6.6AI score0.00482EPSS
Exploits0References1
NVD
NVD
added 2024/07/10 5:15 a.m.25 views

CVE-2024-39330

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generatefilename without replicating the file-path validations from the parent class, potentially allow directory traversal via certain...

4.3CVSS0.01008EPSS
Exploits0References4
PyPA
PyPA
added 2024/07/10 5:15 a.m.10 views

PYSEC-2024-58

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generatefilename without replicating the file-path validations from the parent class, potentially allow directory traversal via certain...

4.3CVSS8.3AI score0.01008EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder