Lucene search
K

9 matches found

OSV
OSV
added 2026/07/01 6:9 p.m.2 views

SUSE-SU-2026:2724-1 Security update for python-python-dotenv

This update for python-python-dotenv fixes the following issue: - CVE-2026-28684: follow symbolic links when rewriting .env files bsc1262423...

6.6CVSS6AI score0.00236EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/15 12:0 a.m.5 views

Security update for python-python-dotenv (moderate)

openSUSE security update: security update for python-python-dotenv ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20952-1 Rating: moderate References: bsc1262423 Cross-References: CVE-2026-28684 CVSS scores: CVE-2026-28684 SUSE : 6.6...

6.6CVSS6.7AI score0.00236EPSS
Exploits1References1
OSV
OSV
added 2026/06/11 12:45 p.m.5 views

OPENSUSE-SU-2026:20952-1 Security update for python-python-dotenv

This update for python-python-dotenv fixes the following issue: - CVE-2026-28684: Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink bsc1262423...

6.6CVSS8AI score0.00236EPSS
Exploits1References2
OSV
OSV
added 2026/05/09 12:30 p.m.10 views

OESA-2026-2199 python-dotenv security update

Python-dotenv reads key-value pairs from a .env file and can set them as environment variables. It helps in the development of applications following the 12-factor principles. Security Fixes: python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to...

6.6CVSS5.9AI score0.00236EPSS
Exploits1References2
OSV
OSV
added 2026/05/09 12:30 p.m.25 views

OESA-2026-2198 python-dotenv security update

Python-dotenv reads key-value pairs from a .env file and can set them as environment variables. It helps in the development of applications following the 12-factor principles. Security Fixes: python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to...

6.6CVSS5.9AI score0.00236EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/04/21 12:18 p.m.7 views

SUSE CVE-2026-28684

python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...

6.6CVSS5.9AI score0.00236EPSS
Exploits1References5
OSV
OSV
added 2026/04/20 5:16 p.m.11 views

DEBIAN-CVE-2026-28684

python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...

6.6CVSS5.5AI score0.00236EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/04/20 4:25 p.m.6 views

CVE-2026-28684

python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...

6.6CVSS5.5AI score0.00236EPSS
Exploits1
CVE
CVE
added 2026/04/20 4:25 p.m.52 views

CVE-2026-28684

CVE-2026-28684 (python-dotenv) : The issue affects python-dotenv where the functions set_key() and unset_key() follow symbolic links when rewriting the .env file. This behavior enables a local attacker to overwrite arbitrary files via a crafted symlink during a cross-device rename fallback. Impac...

6.6CVSS5.9AI score0.00236EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder