18 matches found
SUSE CVE-2026-3479
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...
BIT-PYTHON-2026-3479 pkgutil.get_data() does not enforce documented restrictions
pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...
BIT-LIBPYTHON-2026-3479 pkgutil.get_data() does not enforce documented restrictions
pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...
EUVD-2026-12940
pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...
CVE-2026-3479
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...
CVE-2026-3479 pkgutil.get_data() does not enforce documented restrictions
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...
PSF-2026-13
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...
CVE-2026-3479 pkgutil.get_data() does not enforce documented restrictions
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...
CVE-2026-3479
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...
PT-2026-26139
Name of the Vulnerable Software and Affected Versions pkgutil affected versions not specified Description The pkgutil.get data function did not properly validate the resource argument, as documented. This allowed for path traversal, potentially enabling unauthorized access to files. Recommendatio...
kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c
A vulnerabilty was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the doprlimit function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents...
kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c
A vulnerabilty was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the doprlimit function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents...
kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c
A vulnerabilty was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the doprlimit function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents...
kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c
A vulnerabilty was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the doprlimit function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents...
kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c
A vulnerabilty was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the doprlimit function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents...
CVE-2023-0458
A vulnerabilty was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the doprlimit function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. Mitigation...
UBUNTU-CVE-2023-0458
A speculative pointer dereference problem exists in the Linux Kernel on the doprlimit function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or...
CVE-2023-0458
CVE-2023-0458 describes a speculative pointer dereference in the Linux kernel’s do_prlimit() path. The vulnerable path uses a controlled resource argument in pointer arithmetic for the rl im variable, enabling leakage of kernel contents when exploited. The Astra Linux security bulletin corroborat...