CVE-2022-26184

Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing malicious content. This vulnerability occurs when the application is ran on Windows OS.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:python-poetry:poetry:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Information

Published : 2022-03-21 15:15

Updated : 2022-03-29 07:56


NVD link : CVE-2022-26184

Mitre link : CVE-2022-26184


JSON object : View

CWE
CWE-426

Untrusted Search Path

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows

python-poetry

  • poetry