Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2026/06/01 2:15 p.m.5 views

mahoraga (>=0.5.1 <=0.6.0), pixi-browse (>=0.0.1 <=0.0.13) +2 more potentially affected by CVE-2026-47425 via py-rattler (>=0.22.0 <=0.23.2)

py-rattler PYPI version =0.22.0, =0.5.1, =0.0.1, =0.1.0, =0.8.0 Source cves: CVE-2026-47425 Source advisory: OSV:GHSA-Q53Q-5R4J-5729...

5.7AI score0.00058EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/06/01 2:15 p.m.20 views

rattler has an entry-point path traversal in noarch:python install (arbitrary file write)

Summary EntryPoint::FromStr in rattlercondatypes performs only .trim on the command field before the linker joins it onto the install prefix and writes an executable Python script. A malicious noarch:python package can ship an info/link.json with an entry-point name containing .., /, , or an...

5.9AI score0.00058EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2026/06/01 2:15 p.m.11 views

GHSA-Q53Q-5R4J-5729 rattler has an entry-point path traversal in noarch:python install (arbitrary file write)

Summary EntryPoint::FromStr in rattlercondatypes performs only .trim on the command field before the linker joins it onto the install prefix and writes an executable Python script. A malicious noarch:python package can ship an info/link.json with an entry-point name containing .., /, , or an...

8.7CVSS5.9AI score0.00058EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.21 views

PT-2026-45490

Summary EntryPoint::FromStr in rattler conda types performs only .trim on the command field before the linker joins it onto the install prefix and writes an executable Python script. A malicious noarch:python package can ship an info/link.json with an entry-point name containing .., /, , or an...

8.7CVSS5.9AI score0.00058EPSS
Exploits0References4
Openbugbounty
Openbugbounty
added 2017/07/05 2:3 p.m.8 views

rattler-firebird.org XSS vulnerability

Vulnerable URL: http://www.rattler-firebird.org/vietnam/aircraft/aircraft.php?tailnumber=1"...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/18 3:14 p.m.13 views

rattler-firebird.org XSS vulnerability

Vulnerable URL: http://rattler-firebird.org/vietnam/aircraft/aircraft.php?tailnumber=1/-///'/"//--...

6.9AI score
Exploits0
Rows per page
Query Builder