Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Tenable Nessus
Tenable Nessusadded 2026/01/30 12:0 a.m.2 views

Ubuntu 25.10 : jaraco.context vulnerability (USN-7979-1)

The remote Ubuntu 25.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7979-1 advisory. It was discovered that jaraco.context incorrectly handled certain zip file paths. An attacker could possibly use this issue to extract arbitrary files outside of the...

8.6CVSS6AI score0.00101EPSS
Exploits1References2
OSV
OSVadded 2026/01/27 12:57 p.m.0 views

USN-7979-1 jaraco.context vulnerability

It was discovered that jaraco.context incorrectly handled certain zip file paths. An attacker could possibly use this issue to extract arbitrary files outside of the intented extraction directory...

8.6CVSS7.4AI score0.00101EPSS
Exploits1References2
OSV
OSVadded 2026/01/23 10:43 a.m.1 views

SUSE-SU-2026:20139-1 Security update for python-jaraco.context

This update for python-jaraco.context fixes the following issues: - CVE-2026-23949: Fixed malicious tar archives may lead to path traversal bsc1256954...

8.6CVSS5.8AI score0.00101EPSS
Exploits1References3
OSV
OSVadded 2026/01/23 10:43 a.m.1 views

OPENSUSE-SU-2026:20095-1 Security update for python-jaraco.context

This update for python-jaraco.context fixes the following issues: - CVE-2026-23949: Fixed malicious tar archives may lead to path traversal bsc1256954...

8.6CVSS5.8AI score0.00101EPSS
Exploits1References2
CVE
CVEadded 2026/01/20 12:36 a.m.55 views

CVE-2026-23949

CVE-2026-23949 affects the Python package jaraco.context. The vulnerability is a Zip Slip path traversal in the jaraco.context.tarball() function, present in versions 5.2.0 up to, but not including, 6.1.0. The issue arises from how paths are split by strip_first_component, which can allow travers...

8.6CVSS5.5AI score0.00101EPSS
Exploits1References4Affected Software1
EUVD
EUVDadded 2026/01/20 12:36 a.m.7 views

EUVD-2026-3592

jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the jaraco.context.tarball function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract file...

8.6CVSS5.5AI score0.00101EPSS
Exploits1References4
CNNVD
CNNVDadded 2026/01/20 12:0 a.m.1 views

jaraco.context path traversal vulnerability

jaraco.context is a Python library developed by Jason R. Coombs. Versions 5.2.0 to 6.1.0 of jaraco.context had a path traversal vulnerability. This vulnerability stemmed from the Zip Slip path traversal in the tarball functions, which could allow files to be extracted outside of the expected...

8.6CVSS5.8AI score0.00101EPSS
Exploits1References4
OSV
OSVadded 2026/01/13 9:48 p.m.1 views

GHSA-58PV-8J8X-9VJ2 jaraco.context Has a Path Traversal Vulnerability

Summary There is a Zip Slip path traversal vulnerability in the jaraco.context package affecting setuptools as well, in jaraco.context.tarball function. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed. The...

8.6CVSS5.8AI score0.00101EPSS
Exploits1References6
Rows per page
Query Builder