Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-15367

Опубликовано: 20 янв. 2026
Источник: debian
EPSS Низкий

Описание

The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python3.14unfixedpackage
python3.13unfixedpackage
python3.11removedpackage
python3.9removedpackage
pypy3unfixedpackage
pypy3no-dsatrixiepackage
pypy3no-dsabookwormpackage
pypy3postponedbullseyepackage
python2.7removedpackage
python2.7end-of-lifebullseyepackage
jythonunfixedpackage
jythonno-dsatrixiepackage
jythonno-dsabookwormpackage
jythonend-of-lifebullseyepackage

Примечания

  • https://github.com/python/cpython/issues/143923

  • https://github.com/python/cpython/pull/143924

  • https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/

  • https://github.com/python/cpython/commit/b234a2b67539f787e191d2ef19a7cbdce32874e7 (main)

EPSS

Процентиль: 18%
0.00057
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-15367

ubuntu
18 дней назад

The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

nvd логотип

CVE-2025-15367

nvd
18 дней назад

The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

github логотип

GHSA-g82h-mgfp-jx8g

github
18 дней назад

The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

oracle-oval логотип

ELSA-2026-2128

oracle-oval
3 дня назад

ELSA-2026-2128: python3 security update (MODERATE)

EPSS

Процентиль: 18%
0.00057
Низкий