Search CVE reports
1 – 3 of 3 results
CVE-2022-36070
Medium priorityPoetry is a dependency manager for Python. To handle dependencies that come from a Git repository, Poetry executes various commands, e.g. `git config`. These commands are being executed using the executable’s name and not...
1 affected packages
poetry
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
poetry | — | Not affected | Not in release | Not in release | Ignored |
CVE-2022-36069
Medium priorityPoetry is a dependency manager for Python. When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such as `git clone`. These commands are constructed using user input (e.g....
1 affected packages
poetry
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
poetry | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |
CVE-2022-26184
Medium priorityPoetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing malicious content....
2 affected packages
poetry, poetry-core
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
poetry | Needs evaluation | Needs evaluation | — | — | Ignored |
poetry-core | Needs evaluation | Needs evaluation | — | — | Ignored |