Lucene search
+L

211 matches found

vulnersosv
vulnersosv
added 2026/04/10 7:39 p.m.13 views

1claw-crewai-tools (=0.1.0), aacp-crewai (=0.1.0) +1044 more potentially affected by unknown CVE via uv (>=0.10.0 <=0.11.4)

uv PYPI version =0.10.0, =1.10.30, =1.10.30, =0.31.5, =1.3.0, =1.6.0, =1.6.0, =1.2.2, =1.2.4, =0.6.0, =0.1.0, =0.2.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-UV-15969260...

5.7AI score
Exploits0
vulnersosv
vulnersosv
added 2026/04/10 7:39 p.m.5 views

1claw-crewai-tools (=0.1.0), aacp-crewai (=0.1.0) +1044 more potentially affected by unknown CVE via uv (>=0.10.0 <=0.11.4)

uv PYPI version =0.10.0, =1.10.30, =1.10.30, =0.31.5, =1.3.0, =1.6.0, =1.6.0, =1.2.2, =1.2.4, =0.6.0, =0.1.0, =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-PJJW-68HJ-V9MW...

5.7AI score
Exploits0
github
github
added 2026/04/10 7:39 p.m.8 views

uv vulnerable to arbitrary file deletion through RECORD entries

Impact Wheel RECORD entries can contain relative paths that traverse outside of the wheel’s installation prefix. In versions 0.11.5 and earlier of uv, these wheels were not rejected on installation and the RECORD was respected without validation on uninstall. uv uses the RECORD to determine files...

5.9AI score
Exploits0References7Affected Software1
fedora
fedora
added 2026/04/04 12:49 a.m.8 views

[SECURITY] Fedora 43 Update: domoticz-2026.1-1.fc43

Domoticz is a Home Automation System that lets you monitor and configure vari ous devices like: Lights, Switches, various sensors/meters like Temperature, Rain, Wind, UV, Electra, Gas, Water and much more. Notifications/Alerts can be sent to any mobile device...

4.8CVSS5.9AI score0.00211EPSS
Exploits0
osv
osv
added 2026/04/02 8:57 p.m.7 views

GHSA-7GGG-PVRF-458V OpenClaw: PIP_INDEX_URL and UV_INDEX_URL bypass host exec env sanitization and redirect Python package-index traffic

Summary PIPINDEXURL and UVINDEXURL bypass host exec env sanitization and redirect Python package-index traffic Current Maintainer Triage - Status: narrow - Normalized severity: high - Assessment: v2026.3.28 still allows Python package-index env redirection through host exec, but scope should stay...

7.3CVSS6.1AI score0.00125EPSS
Exploits0References6
fedora
fedora
added 2026/03/29 1:8 a.m.10 views

[SECURITY] Fedora 42 Update: python-uv-build-0.10.12-1.fc42

This package is a slimmed down version of uv containing only the build backend...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
nessus
nessus
added 2026/03/29 12:0 a.m.5 views

Fedora 42 : maturin / python-fastar / python-uv-build / rust-astral-tokio-tar / etc (2026-23bb71ea52)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-23bb71ea52 advisory. Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv...

6.5CVSS6AI score0.00379EPSS
Exploits1References3
fedora
fedora
added 2026/03/28 12:46 a.m.4 views

[SECURITY] Fedora 43 Update: python-uv-build-0.10.12-1.fc43

This package is a slimmed down version of uv containing only the build backend...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
fedora
fedora
added 2026/03/28 12:19 a.m.6 views

[SECURITY] Fedora 44 Update: python-uv-build-0.11.2-1.fc44

This package is a slimmed down version of uv containing only the build backend...

5.8AI score
Exploits0
nessus
nessus
added 2026/03/28 12:0 a.m.6 views

Fedora 44 : maturin / python-fastar / python-uv-build / rust-astral-tokio-tar / etc (2026-e22a7dbf2d)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-e22a7dbf2d advisory. Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv...

6.5CVSS6AI score0.00379EPSS
Exploits1References3
nessus
nessus
added 2026/03/28 12:0 a.m.18 views

Fedora 43 : maturin / python-fastar / python-uv-build / rust-astral-tokio-tar / etc (2026-d18cf572b8)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-d18cf572b8 advisory. Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv...

6.5CVSS6AI score0.00379EPSS
Exploits1References3
nessus
nessus
added 2026/03/28 12:0 a.m.3 views

Fedora 44 : python-uv-build / rust-ambient-id / rust-astral-reqwest-middleware / etc (2026-b8b59dcf44)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-b8b59dcf44 advisory. Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be...

6AI score
Exploits0References1
nessus
nessus
added 2026/03/21 12:0 a.m.9 views

Fedora 45 : maturin / python-fastar / python-uv-build / rust-astral-tokio-tar / etc (2026-c6c01a71f2)

The remote Fedora 45 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-c6c01a71f2 advisory. Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45 to 0.4.45, fixing CVE-2026-33056. Update uv and...

6.5CVSS5.9AI score0.00379EPSS
Exploits1References3
cgr
cgr
added 2026/03/20 7:17 a.m.3 views

GHSA-6GX3-4362-RF54 vulnerabilities

Vulnerabilities for packages: wasmcloud, uv, pixi, mise...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/03/20 1:48 a.m.8 views

CVE-2026-32766 vulnerabilities

Vulnerabilities for packages: uv, pixi, wasmcloud...

6.3CVSS6.1AI score0.00249EPSS
Exploits0
wolfi
wolfi
added 2026/03/20 1:48 a.m.9 views

GHSA-6GX3-4362-RF54 vulnerabilities

Vulnerabilities for packages: uv, pixi, wasmcloud...

6.1AI score
Exploits0
opensuse
opensuse
added 2026/03/19 12:0 a.m.3 views

python311-uv-0.10.11-1.1 on GA media (moderate)

python311-uv-0.10.11-1.1 on GA media Announcement ID: openSUSE-SU-2026:10380-1 Rating: moderate Cross-References: CVE-2026-31812 CVSS scores: CVE-2026-31812 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-31812 SUSE : 6.9...

6.9CVSS5.8AI score0.005EPSS
Exploits0
osv
osv
added 2026/03/17 12:0 a.m.7 views

OPENSUSE-SU-2026:10380-1 python311-uv-0.10.11-1.1 on GA media

These are all security issues fixed in the python311-uv-0.10.11-1.1 package on the GA media of openSUSE Tumbleweed...

8.7CVSS5.8AI score0.005EPSS
Exploits0References1
wolfi
wolfi
added 2026/03/12 7:48 a.m.7 views

GHSA-6XVM-J4WR-6V98 vulnerabilities

Vulnerabilities for packages: cargo-audit, vector, zizmor, uv, xh, sccache, wasmcloud, zola, lychee, wash, qdrant, samply, nushell, wadm, parseable, berg, zed, py3-xet-core, pixi...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/03/12 7:48 a.m.5 views

CVE-2026-31812 vulnerabilities

Vulnerabilities for packages: cargo-audit, vector, zizmor, uv, xh, sccache, wasmcloud, zola, lychee, wash, qdrant, samply, nushell, wadm, parseable, berg, zed, py3-xet-core, pixi...

8.7CVSS7AI score0.005EPSS
Exploits0
Rows per page
Query Builder