Approved changes feed: RSS · Atom
cpe:2.3:a:python:python:3.15.0:alpha_2:*:*:*:*:*:*
part: a version: 3.15.0 update: alpha_2
| Vendor | Python (b57ad93a-6195-5192-9423-6cfad6044a8b) |
|---|---|
| Product | Python (fc328eef-0a85-5ddb-b629-b8866ec518c8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/python |
purl2cpe | 2026-06-01 10:16:29.359852 |
pkg:github/python/cpython |
purl2cpe | 2026-06-01 10:16:29.359854 |
pkg:python/python |
purl2cpe | 2026-06-01 10:16:29.359855 |
pkg:rpm/opensuse/python |
purl2cpe | 2026-06-01 10:16:29.359856 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-3087 |
vulnerable | 2026-06-03 15:22:13.672585 |
shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs
If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.
Published: 2026-04-27T20:46:43.201Z
Updated: 2026-05-12T13:25:02.962Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.