Browse all 4 CVE security advisories affecting python-poetry. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41140 | Poetry: Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4 — poetryCWE-22 | 9.1AI | CriticalAI | 2026-04-24 |
| CVE-2026-34591 | Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write — poetryCWE-22 | 7.8AI | HighAI | 2026-04-02 |
| CVE-2022-36069 | Poetry Argument Injection vulnerability can lead to local Code Execution — poetryCWE-94 | 7.3 | High | 2022-09-07 |
| CVE-2022-36070 | Poetry's Untrusted Search Path can lead to Local Code Execution on Windows — poetryCWE-426 | 7.3 | High | 2022-09-07 |
This page lists every published CVE security advisory associated with python-poetry. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.