CVE-2026-3479

Publication date

2026-03-18 18:13:42

Family

PSF

State

PUBLISHED

Description

pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals.