CVE-2026-3479

ADVISORY - nist

Summary

pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.

EPSS Score⁠: 0.00018 (0.041)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-22⁠

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADVISORY - redhat

CWE-22⁠

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Impacted images

Advisories

NIST

CREATED

2 days ago

UPDATED

21 hours ago

ADVISORY IDCVE-2026-3479⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-22⁠

CVSS SCORE

2.1low

Debian

CREATED

3 hours ago

UPDATED

3 hours ago

ADVISORY IDCVE-2026-3479⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Bitnami

CREATED

6 hours ago

UPDATED

5 hours ago

ADVISORY ID

BIT-libpython-2026-3479

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2.1low

Bitnami

CREATED

6 hours ago

UPDATED

5 hours ago

ADVISORY ID

BIT-python-2026-3479

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2.1low

Bitnami

CREATED

6 hours ago

UPDATED

5 hours ago

ADVISORY ID

BIT-python-min-2026-3479

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2.1low

Red Hat

CREATED

2 days ago

UPDATED

12 hours ago

ADVISORY IDCVE-2026-3479⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-22⁠

CVSS SCORE

3.3low