{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34591", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T17:15:52.499Z", "datePublished": "2026-04-02T17:35:07.691Z", "dateUpdated": "2026-04-03T18:12:07.813Z"}, "containers": {"cna": {"title": "Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp"}, {"name": "https://github.com/python-poetry/poetry/pull/10792", "tags": ["x_refsource_MISC"], "url": "https://github.com/python-poetry/poetry/pull/10792"}, {"name": "https://github.com/python-poetry/poetry/releases/tag/2.3.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/python-poetry/poetry/releases/tag/2.3.3"}, {"name": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a", "tags": ["x_refsource_MISC"], "url": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a"}], "affected": [{"vendor": "python-poetry", "product": "poetry", "versions": [{"version": ">= 1.4.0, < 2.3.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T17:35:07.691Z"}, "descriptions": [{"lang": "en", "value": "Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process. It is reachable from untrusted package artifacts during normal install flows. (Normally, installing a malicious wheel is not sufficient for execution of malicious code. Malicious code will only be executed after installation if the malicious package is imported or invoked by the user.). This issue has been patched in version 2.3.3."}], "source": {"advisory": "GHSA-2599-h6xx-hpxp", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-02T18:29:00.454565Z", "id": "CVE-2026-34591", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T18:12:07.813Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34591", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-02T18:29:00.454565Z"}}}], "references": [{"url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T18:29:17.877Z"}}], "cna": {"title": "Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write", "source": {"advisory": "GHSA-2599-h6xx-hpxp", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "python-poetry", "product": "poetry", "versions": [{"status": "affected", "version": ">= 1.4.0, < 2.3.3"}]}], "references": [{"url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "name": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/python-poetry/poetry/pull/10792", "name": "https://github.com/python-poetry/poetry/pull/10792", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/python-poetry/poetry/releases/tag/2.3.3", "name": "https://github.com/python-poetry/poetry/releases/tag/2.3.3", "tags": ["x_refsource_MISC"]}, {"url": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a", "name": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process. It is reachable from untrusted package artifacts during normal install flows. (Normally, installing a malicious wheel is not sufficient for execution of malicious code. Malicious code will only be executed after installation if the malicious package is imported or invoked by the user.). This issue has been patched in version 2.3.3."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T17:35:07.691Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34591", "state": "PUBLISHED", "dateUpdated": "2026-04-03T18:12:07.813Z", "dateReserved": "2026-03-30T17:15:52.499Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-02T17:35:07.691Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:python-poetry:poetry:*:*:*:*:*:python:*:*", "matchCriteriaId": "6305B4E1-D30A-46D9-9A79-6DFC56825CBD", "versionEndExcluding": "2.3.3", "versionStartIncluding": "1.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process. It is reachable from untrusted package artifacts during normal install flows. (Normally, installing a malicious wheel is not sufficient for execution of malicious code. Malicious code will only be executed after installation if the malicious package is imported or invoked by the user.). This issue has been patched in version 2.3.3."}], "id": "CVE-2026-34591", "lastModified": "2026-04-13T18:38:38.063", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-02T18:16:31.163", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/python-poetry/poetry/pull/10792"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/python-poetry/poetry/releases/tag/2.3.3"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"bugzilla": {"description": "github.com/python-poetry/poetry: Poetry: Arbitrary file write via crafted package installation", "id": "2454513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454513"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "status": "draft"}, "cwe": "CWE-22", "details": ["Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process. It is reachable from untrusted package artifacts during normal install flows. (Normally, installing a malicious wheel is not sufficient for execution of malicious code. Malicious code will only be executed after installation if the malicious package is imported or invoked by the user.). This issue has been patched in version 2.3.3.", "A flaw was found in Poetry, a dependency manager for Python. A remote attacker can exploit this vulnerability by providing a specially crafted package (wheel) that contains directory traversal sequences. When Poetry installs this malicious package, it writes files to arbitrary locations on the system with the privileges of the Poetry process, leading to unauthorized file modification or creation."], "name": "CVE-2026-34591", "package_state": [{"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "python-poetry-core", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "python3.12-poetry_core", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "python3.12-poetry_plugin_export", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "python-poetry_core", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "python-poetry_plugin_export", "product_name": "Red Hat Satellite 6"}], "public_date": "2026-04-02T17:35:07Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-34591\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34591\nhttp://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a\nhttps://github.com/python-poetry/poetry/pull/10792\nhttps://github.com/python-poetry/poetry/releases/tag/2.3.3\nhttps://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.4.0,2.3.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "poetry", "source": "cna", "vendor": "python-poetry"}, "product": "poetry", "vendor": "python-poetry"}], "analysis": {"en": {"generated_at": "2026-04-13T19:28:55.022589+00:00", "value": {"mitigation_remediation": ["Upgrade Poetry to version 2.3.3 or later.", "Prevent installation of packages from untrusted repositories until the patch is applied.", "Scan wheel files for '..' path components before installation or use a safe extraction tool."], "summary": {"action": "Patch Now", "impact": "Arbitrary file write"}, "threat_synthesis": {"affected_systems": "Python\u2011Poetry\u2019s dependency manager, Poetry, is impacted. Versions starting with 1.4.0 up to, but not including, 2.3.3 are vulnerable. The issue was patched in release 2.3.3 and later. Users of any affected Poetry installation should apply the update or otherwise block untrusted wheels.", "description_and_impact": "Poetry processes wheel files during installation. The vulnerability allows a crafted wheel to contain path components such as '..' that escape the intended extraction directory. Because Poetry lacks containment checks, it will write files to arbitrary locations on disk with the same privileges as the Poetry process. The primary impact is the ability to modify or overwrite files in the filesystem, which can lead to data corruption, privilege elevation, or facilitate subsequent payload execution if the attacker controls critical system files. The weakness is a Path Traversal flaw (CWE\u201122).", "risk_and_exploitability": "The CVSS score of 7.1 indicates a moderate to high severity. The EPSS score is below 1\u202f% and the vulnerability is not listed in the CISA KEV catalog, suggesting a low probability of widespread exploitation. However, the likely attack vector is the normal package installation flow from untrusted wheel sources, which is within reach of any developer or CI environment. An attacker who can supply a malicious wheel to a Poetry installation can write arbitrary files, potentially compromising the host system if they target system\u2011wide or configuration files."}}}}, "created": "2026-04-03T07:32:13.075570+00:00", "updated": "2026-04-14T16:41:58.043898+00:00", "vendors": ["python-poetry", "python-poetry$PRODUCT$poetry"]}