Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 3 of 3 results


CVE-2022-36070

Medium priority
Not affected

Poetry is a dependency manager for Python. To handle dependencies that come from a Git repository, Poetry executes various commands, e.g. `git config`. These commands are being executed using the executable’s name and not...

1 affected packages

poetry

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poetry Not affected Not in release Not in release Ignored
Show less packages

CVE-2022-36069

Medium priority
Needs evaluation

Poetry is a dependency manager for Python. When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such as `git clone`. These commands are constructed using user input (e.g....

1 affected packages

poetry

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poetry Needs evaluation Needs evaluation Not in release Not in release Ignored
Show less packages

CVE-2022-26184

Medium priority
Needs evaluation

Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing malicious content....

2 affected packages

poetry, poetry-core

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poetry Needs evaluation Needs evaluation Ignored
poetry-core Needs evaluation Needs evaluation Ignored
Show less packages