CVE-2026-3479
ADVISORY - nistSummary
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data() has the same security model as open(). The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model.
pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.
EPSS Score: 0.00014 (0.025)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADVISORY - redhat
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Docker
CREATED
UPDATED
ADVISORY ID
CVE-2026-3479
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
NIST
CREATED
UPDATED
ADVISORY IDCVE-2026-3479
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
Debian
CREATED
UPDATED
ADVISORY IDCVE-2026-3479
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowUbuntu
CREATED
UPDATED
ADVISORY IDCVE-2026-3479
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumBitnami
CREATED
UPDATED
ADVISORY ID
BIT-libpython-2026-3479
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
2.1lowBitnami
CREATED
UPDATED
ADVISORY ID
BIT-python-2026-3479
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
2.1lowBitnami
CREATED
UPDATED
ADVISORY ID
BIT-python-min-2026-3479
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
2.1lowRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2026-3479
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
3.3lowminimos
CREATED
UPDATED
ADVISORY ID
MINI-7q7x-rxp3-2ppf
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-8cv8-pf76-4gj2
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-c8r3-rcw9-8mq2
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-fvg5-6r76-6g9x
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-j2cp-79jc-95mq
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-