Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
70 changes: 70 additions & 0 deletions advisories/python/PSF-0000-CVE-2026-4360.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
{
"schema_version": "1.5.0",
"id": "PSF-0000-CVE-2026-4360",
"aliases": [
"CVE-2026-4360"
],
"published": "2026-06-30T14:45:35.601Z",
"modified": "2026-06-30T15:28:30.201Z",
"details": "In the Tarfile.extract() function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract() function.",
"affected": [
{
"ranges": [
{
"type": "GIT",
"events": [
{
"introduced": "0"
},
{
"fixed": "5e0ef3f1afe892e4f64eb83368db57ac4c40cba0"
},
{
"fixed": "7b57e8d51446297b8c7c482d224bc5f1938e4301"
},
{
"fixed": "7ccdbaba2c54250a70d7f25632152df7655a5e0a"
},
{
"fixed": "eee3ddf0ca10283cc7fea724aae9cd8665f8d15e"
}
],
"repo": "https://github.com/python/cpython"
}
]
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://mail.python.org/archives/list/[email protected]/thread/TWZW2PC2AZOV6FENIHFSRC63OM7MBGSB/"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/pull/151988"
},
{
"type": "REPORT",
"url": "https://github.com/python/cpython/issues/151987"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/5e0ef3f1afe892e4f64eb83368db57ac4c40cba0"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/7b57e8d51446297b8c7c482d224bc5f1938e4301"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/7ccdbaba2c54250a70d7f25632152df7655a5e0a"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/eee3ddf0ca10283cc7fea724aae9cd8665f8d15e"
}
],
"database_specific": {
"cwe_ids": []
}
}
22 changes: 18 additions & 4 deletions advisories/python/PSF-2026-11.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"schema_version": "1.5.0",
"id": "PSF-2026-11",
"published": "2026-03-16T17:37:31.344Z",
"modified": "2026-03-16T18:25:55.021Z",
"modified": "2026-06-30T15:11:21.792Z",
"aliases": [
"CVE-2026-3644"
],
Expand All @@ -12,7 +12,6 @@
"ranges": [
{
"type": "GIT",
"repo": "https://github.com/python/cpython",
"events": [
{
"introduced": "0"
Expand All @@ -25,8 +24,15 @@
},
{
"fixed": "d16ecc6c3626f0e2cc8f08c309c83934e8a979dd"
},
{
"fixed": "556aa098e738b127c714866f819b4abe2f7593d8"
},
{
"fixed": "dae4b1a21f8df4570e30986affd61bbe4ade4cef"
}
]
],
"repo": "https://github.com/python/cpython"
}
]
}
Expand Down Expand Up @@ -55,9 +61,17 @@
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/d16ecc6c3626f0e2cc8f08c309c83934e8a979dd"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/556aa098e738b127c714866f819b4abe2f7593d8"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/dae4b1a21f8df4570e30986affd61bbe4ade4cef"
}
],
"database_specific": {
"cwe_ids": []
}
}
}
16 changes: 15 additions & 1 deletion advisories/python/PSF-2026-15.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"schema_version": "1.5.0",
"id": "PSF-2026-15",
"published": "2026-04-10T17:54:44.121Z",
"modified": "2026-06-04T14:08:00.911Z",
"modified": "2026-06-30T15:12:43.900Z",
"aliases": [
"CVE-2026-1502"
],
Expand All @@ -27,6 +27,12 @@
},
{
"fixed": "c00c386faa579ad71196d33408644478488e43ec"
},
{
"fixed": "56b7100b04e44ea27989242b176beb8f016b2c53"
},
{
"fixed": "58703ec1bdd1eb075e8b01a0c427683ce594dd3e"
}
],
"repo": "https://github.com/python/cpython"
Expand Down Expand Up @@ -62,6 +68,14 @@
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/c00c386faa579ad71196d33408644478488e43ec"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/56b7100b04e44ea27989242b176beb8f016b2c53"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/58703ec1bdd1eb075e8b01a0c427683ce594dd3e"
}
],
"database_specific": {
Expand Down
16 changes: 15 additions & 1 deletion advisories/python/PSF-2026-24.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"schema_version": "1.5.0",
"id": "PSF-2026-24",
"published": "2026-05-13T20:14:33.751Z",
"modified": "2026-06-10T18:57:31.773Z",
"modified": "2026-06-30T15:09:29.230Z",
"aliases": [
"CVE-2026-8328"
],
Expand Down Expand Up @@ -30,6 +30,12 @@
},
{
"fixed": "eac4fe3b2c77693790a5ef7dfab127c1fee81bf9"
},
{
"fixed": "2bbcf3fb7a420a05605576c0f9468d4675381b5f"
},
{
"fixed": "ef12d0dc824baccf737bba1458e5eed3d1e0fceb"
}
],
"repo": "https://github.com/python/cpython"
Expand Down Expand Up @@ -69,6 +75,14 @@
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/eac4fe3b2c77693790a5ef7dfab127c1fee81bf9"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/2bbcf3fb7a420a05605576c0f9468d4675381b5f"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/ef12d0dc824baccf737bba1458e5eed3d1e0fceb"
}
],
"database_specific": {
Expand Down
17 changes: 12 additions & 5 deletions advisories/python/PSF-2026-30.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,16 @@
"schema_version": "1.5.0",
"id": "PSF-2026-30",
"published": "2026-06-23T16:04:17.321Z",
"modified": "2026-06-23T17:57:32.525Z",
"modified": "2026-06-30T15:13:33.568Z",
"aliases": [
"CVE-2026-11940"
],
"details": "tarfile.extractall() with the 'data' or 'tar'\n filter could be bypassed by a crafted archive where a hardlink \nreferences a symlink stored at a deeper name than the hardlink itself.  \nThe extraction fallback validated the symlink at it's archived location \nbut recreated it at the hardlink's shallower\npath, letting a relative\n target the filter judged contained escape the destination directory.  \nThis allowed a malicious tar archive to create a symlink pointing \noutside the destination, enabling out-of-destination file reads or \nwrites. This was an incomplete fix of CVE-2025-4330.",
"details": "tarfile.extractall() with the 'data' or 'tar'\n filter could be bypassed by a crafted archive where a hardlink \nreferences a symlink stored at a deeper name than the hardlink itself.\u00a0 \nThe extraction fallback validated the symlink at it's archived location \nbut recreated it at the hardlink's shallower\npath, letting a relative\n target the filter judged contained escape the destination directory.\u00a0 \nThis allowed a malicious tar archive to create a symlink pointing \noutside the destination, enabling out-of-destination file reads or \nwrites. This was an incomplete fix of CVE-2025-4330.",
"affected": [
{
"ranges": [
{
"type": "GIT",
"repo": "https://github.com/python/cpython",
"events": [
{
"introduced": "0"
Expand All @@ -28,8 +27,12 @@
},
{
"fixed": "79c06bd5c6afa3c440d50faf7ee1b147c8832b4c"
},
{
"fixed": "be13e86f6b9788a6f4d0419dffef72cbae5865c9"
}
]
],
"repo": "https://github.com/python/cpython"
}
]
}
Expand Down Expand Up @@ -62,9 +65,13 @@
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/79c06bd5c6afa3c440d50faf7ee1b147c8832b4c"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/be13e86f6b9788a6f4d0419dffef72cbae5865c9"
}
],
"database_specific": {
"cwe_ids": []
}
}
}
44 changes: 43 additions & 1 deletion advisories/python/PSF-2026-31.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"schema_version": "1.5.0",
"id": "PSF-2026-31",
"published": "2026-06-23T22:02:45.434Z",
"modified": "2026-06-24T15:34:06.959Z",
"modified": "2026-06-30T15:13:21.383Z",
"aliases": [
"CVE-2026-11972"
],
Expand All @@ -15,6 +15,24 @@
"events": [
{
"introduced": "0"
},
{
"fixed": "3f031d431f80668e14f3bc066bbf4369cd9281b9"
},
{
"fixed": "4ce6bf7c8aa7725828a38981c306f214c1f29365"
},
{
"fixed": "7f0dc59c9a70f8f3b4da33d7c4a2ba552a7acc21"
},
{
"fixed": "e86666c9dd256d52d0fbef6feb1ea4a51768fdec"
},
{
"fixed": "eb63c0f94dfcbea7fda8eab6213818e134d67192"
},
{
"fixed": "f50bf13566189c8d0ce5a814f33eff3d89951896"
}
],
"repo": "https://github.com/python/cpython"
Expand All @@ -34,6 +52,30 @@
{
"type": "ADVISORY",
"url": "https://mail.python.org/archives/list/[email protected]/thread/AXPSKKTSRKXTTJULW3XSIC74WZNAAPPB/"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/3f031d431f80668e14f3bc066bbf4369cd9281b9"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/4ce6bf7c8aa7725828a38981c306f214c1f29365"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/7f0dc59c9a70f8f3b4da33d7c4a2ba552a7acc21"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/e86666c9dd256d52d0fbef6feb1ea4a51768fdec"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/eb63c0f94dfcbea7fda8eab6213818e134d67192"
},
{
"type": "FIX",
"url": "https://github.com/python/cpython/commit/f50bf13566189c8d0ce5a814f33eff3d89951896"
}
],
"database_specific": {
Expand Down
Loading