16 matches found
Pallets Click contains a command injection via Unsanitized Filename "click.edit()"
...
OESA-2026-2304 python-click security update
Click is a Python package for creating beautiful command line interfaces in a composable way with as little code as necessary. It's the "Command Line Interface Creation Kit". It's highly configurable but comes with sensible defaults out of the box. Security Fixes: Pallets Click, versions 8.3.2 an...
OESA-2026-2303 python-click security update
Click is a Python package for creating beautiful command line interfaces in a composable way with as little code as necessary. It's the "Command Line Interface Creation Kit". It's highly configurable but comes with sensible defaults out of the box. Security Fixes: Pallets Click, versions 8.3.2 an...
SUSE CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
UBUNTU-CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection v...
CVE-2026-7246
A flaw was found in Pallets Click. This command injection vulnerability, located in the click.edit function, allows an attacker with an unprivileged account to execute arbitrary operating system OS commands. This could lead to unauthorized control over the affected system...
Linux Distros Unpatched Vulnerability : CVE-2026-7246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands...
CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
DEBIAN-CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
CVE-2026-7246
CVE-2026-7246 affects Pallets Click up to version 8.3.2. The vulnerability is a command injection in the click.edit() function that allows an unprivileged attacker to pass arbitrary OS commands. This is a local attack with high impact on confidentiality, integrity, and availability as per the cit...
CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()"
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
EUVD-2026-26375
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
PT-2026-36098
Name of the Vulnerable Software and Affected Versions Pallets Click versions 8.3.2 and earlier Description A command injection issue exists in the click.edit function, which allows an unprivileged account to execute arbitrary operating system commands. Recommendations Update to a version later th...