Vulnerabilities > Python Poetry

| Date | CVE | Vulnerability title | Risk |
|---|---|---|---|
| 2022-11-09 | CVE-2022-42966 | Unspecified vulnerability in Python-Poetry Cleo. An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows method (network, low complexity, python-poetry) | 7.5 |
| 2022-09-07 | CVE-2022-36069 | Argument Injection or Modification vulnerability in Python-Poetry Poetry. Poetry is a dependency manager for Python. (local, low complexity, python-poetry, CWE-88) | 7.3 |
| 2022-09-07 | CVE-2022-36070 | Untrusted Search Path vulnerability in Python-Poetry Poetry. Poetry is a dependency manager for Python. (local, low complexity, python-poetry, CWE-426) | 7.3 |
| 2022-03-21 | CVE-2022-26184 | Untrusted Search Path vulnerability in Python-Poetry Poetry. Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing malicious content. (network, low complexity, python-poetry, CWE-426) | critical, 9.8 |