Count: 2
CVE-2026-22871
GuardDog is a CLI tool to identify malicious PyPI packages. Prior to 2.7.1, a path traversal vulnerability exists in GuardDog's safe_extract() function that allows malicious PyPI packages to write arbitrary files outside the intended extraction directory, leading to Arbitrary File Overwrite and Remote Code Execution on systems running GuardDog. This vulnerability is fixed in 2.7.1.
GHSA-xg9w-vg3g-6m68
GuardDog Path Traversal Vulnerability Leads to Arbitrary File Overwrite and RCE
Vulnerability | CVSS | EPSS | Published | |
|---|---|---|---|---|
CVE-2026-22871 GuardDog is a CLI tool to identify malicious PyPI packages. Prior to 2.7.1, a path traversal vulnerability exists in GuardDog's safe_extract() function that allows malicious PyPI packages to write arbitrary files outside the intended extraction directory, leading to Arbitrary File Overwrite and Remote Code Execution on systems running GuardDog. This vulnerability is fixed in 2.7.1. | CVSS3: 9.8 | 1% Low | 27 days ago | |
GHSA-xg9w-vg3g-6m68 GuardDog Path Traversal Vulnerability Leads to Arbitrary File Overwrite and RCE | | 1% Low | 27 days ago | |