{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34591", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T17:15:52.499Z", "datePublished": "2026-04-02T17:35:07.691Z", "dateUpdated": "2026-04-03T18:12:07.813Z"}, "containers": {"cna": {"title": "Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp"}, {"name": "https://github.com/python-poetry/poetry/pull/10792", "tags": ["x_refsource_MISC"], "url": "https://github.com/python-poetry/poetry/pull/10792"}, {"name": "https://github.com/python-poetry/poetry/releases/tag/2.3.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/python-poetry/poetry/releases/tag/2.3.3"}, {"name": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a", "tags": ["x_refsource_MISC"], "url": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a"}], "affected": [{"vendor": "python-poetry", "product": "poetry", "versions": [{"version": ">= 1.4.0, < 2.3.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T17:35:07.691Z"}, "descriptions": [{"lang": "en", "value": "Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process. It is reachable from untrusted package artifacts during normal install flows. (Normally, installing a malicious wheel is not sufficient for execution of malicious code. Malicious code will only be executed after installation if the malicious package is imported or invoked by the user.). This issue has been patched in version 2.3.3."}], "source": {"advisory": "GHSA-2599-h6xx-hpxp", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-02T18:29:00.454565Z", "id": "CVE-2026-34591", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T18:12:07.813Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34591", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-02T18:29:00.454565Z"}}}], "references": [{"url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T18:29:17.877Z"}}], "cna": {"title": "Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write", "source": {"advisory": "GHSA-2599-h6xx-hpxp", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "python-poetry", "product": "poetry", "versions": [{"status": "affected", "version": ">= 1.4.0, < 2.3.3"}]}], "references": [{"url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "name": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/python-poetry/poetry/pull/10792", "name": "https://github.com/python-poetry/poetry/pull/10792", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/python-poetry/poetry/releases/tag/2.3.3", "name": "https://github.com/python-poetry/poetry/releases/tag/2.3.3", "tags": ["x_refsource_MISC"]}, {"url": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a", "name": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process. It is reachable from untrusted package artifacts during normal install flows. (Normally, installing a malicious wheel is not sufficient for execution of malicious code. Malicious code will only be executed after installation if the malicious package is imported or invoked by the user.). This issue has been patched in version 2.3.3."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-02T17:35:07.691Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34591", "state": "PUBLISHED", "dateUpdated": "2026-04-03T18:12:07.813Z", "dateReserved": "2026-03-30T17:15:52.499Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-02T17:35:07.691Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process. It is reachable from untrusted package artifacts during normal install flows. (Normally, installing a malicious wheel is not sufficient for execution of malicious code. Malicious code will only be executed after installation if the malicious package is imported or invoked by the user.). This issue has been patched in version 2.3.3."}], "id": "CVE-2026-34591", "lastModified": "2026-04-03T19:17:22.843", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-02T18:16:31.163", "references": [{"source": "security-advisories@github.com", "url": "http://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a"}, {"source": "security-advisories@github.com", "url": "https://github.com/python-poetry/poetry/pull/10792"}, {"source": "security-advisories@github.com", "url": "https://github.com/python-poetry/poetry/releases/tag/2.3.3"}, {"source": "security-advisories@github.com", "url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"bugzilla": {"description": "github.com/python-poetry/poetry: Poetry: Arbitrary file write via crafted package installation", "id": "2454513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454513"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "status": "draft"}, "cwe": "CWE-22", "details": ["Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process. It is reachable from untrusted package artifacts during normal install flows. (Normally, installing a malicious wheel is not sufficient for execution of malicious code. Malicious code will only be executed after installation if the malicious package is imported or invoked by the user.). This issue has been patched in version 2.3.3.", "A flaw was found in Poetry, a dependency manager for Python. A remote attacker can exploit this vulnerability by providing a specially crafted package (wheel) that contains directory traversal sequences. When Poetry installs this malicious package, it writes files to arbitrary locations on the system with the privileges of the Poetry process, leading to unauthorized file modification or creation."], "name": "CVE-2026-34591", "package_state": [{"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "python-poetry-core", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "python3.12-poetry_core", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "python3.12-poetry_plugin_export", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "python-poetry_core", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "python-poetry_plugin_export", "product_name": "Red Hat Satellite 6"}], "public_date": "2026-04-02T17:35:07Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-34591\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34591\nhttp://github.com/python-poetry/poetry/commit/ed59537ac3709cfbdbf95d957de801c13872991a\nhttps://github.com/python-poetry/poetry/pull/10792\nhttps://github.com/python-poetry/poetry/releases/tag/2.3.3\nhttps://github.com/python-poetry/poetry/security/advisories/GHSA-2599-h6xx-hpxp"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.4.0,2.3.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "poetry", "source": "cna", "vendor": "python-poetry"}, "product": "poetry", "vendor": "python-poetry"}], "analysis": {"en": {"generated_at": "2026-04-02T22:29:28.011507+00:00", "value": {"mitigation_remediation": ["Upgrade Poetry to version 2.3.3 or later (for example, by downloading the release from the Poetry GitHub page).", "Verify that all wheel packages are obtained from trusted sources or use a repository with verified package signatures."], "summary": {"action": "Apply Patch", "impact": "Arbitrary File Write"}, "threat_synthesis": {"affected_systems": "Poetry versions from 1.4.0 up to, but not including, 2.3.3 are affected. The issue exists whenever Poetry resolves and installs wheel packages that contain path traversal sequences. Any system running those versions and fetching packages from untrusted or compromised repositories is potentially vulnerable. Updating to 2.3.3 or later removes the containment checks and eliminates the flaw.", "description_and_impact": "The vulnerability is a path traversal flaw in Poetry's wheel handling. Crafting a wheel with \"../\" path components allows Poetry to write files outside the intended extraction directory because it does not enforce containment checks. An attacker can overwrite any file that the Poetry process can access, which could lead to tampering with configuration files, injecting malicious scripts, or otherwise compromising the environment. The flaw is flagged as CWE\u201122.", "risk_and_exploitability": "The CVSS score of 7.1 classifies the defect as high severity. EPSS information is not available, but the flaw resides in a widely used dependency manager and is publicly known. Because the attack vector relies on an untrusted wheel being introduced during normal install flows, the exploitation probability is moderate to high for environments that do not strictly control package sources. The vulnerability is not listed in CISA\u2019s KEV catalog, but the absence of a patch in earlier versions poses a significant risk until remediation."}}}}, "created": "2026-04-03T07:32:13.075570+00:00", "updated": "2026-04-03T09:17:16.419273+00:00", "vendors": ["python-poetry", "python-poetry$PRODUCT$poetry"]}