All 2 CVE vulnerabilities found in uv, with AI-generated Chinese analysis, references, and POCs.
Vendor: astral-sh
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13327 | Uv: uv: specially crafted zip archives lead to arbitrary code execution due to parsing differentials CWE-1286 | 6.3 | Medium | 2026-02-27 |
| CVE-2025-54368 | uv is vulnerable to ZIP payload obfuscation through parsing differentials CWE-436 | 9.1 | - | 2025-08-08 |
All 2 known CVE vulnerabilities affecting uv with full Chinese analysis, references, and POCs where available.