Skip to main content

Poetry

3 CVEs product

Monthly

CVE-2022-36070 PyPI HIGH PATCH This Week

Poetry is a dependency manager for Python. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Python RCE Poetry
NVD GitHub
CVSS 3.1
7.3
EPSS
0.3%
CVE-2022-36069 PyPI HIGH POC PATCH This Week

Poetry is a dependency manager for Python. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Python Command Injection Code Injection Poetry
NVD GitHub
CVSS 3.1
7.3
EPSS
1.4%
CVE-2022-26184 PyPI CRITICAL PATCH Act Now

Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Poetry
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Poetry is a dependency manager for Python. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Python RCE +1
NVD GitHub
EPSS 1% CVSS 7.3
HIGH POC PATCH This Week

Poetry is a dependency manager for Python. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Python Command Injection +2
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Poetry
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy