CNNVD-202601-3165 Information

CNNVD ID

CNNVD-202601-3165

Related CVE

CVE-2025-15367

• CNNVD Published: 2026-01-20

Description (Chinese)

CPython是Python基金会的一个用C语言实现的Python解释器。 CPython存在安全漏洞，该漏洞源于传递用户控制的命令时可能通过换行符注入额外命令。

Description (English)

CPython is a Python interpreter for the Python Foundation in the C language. There is a security loophole in CPython, which arises from the possibility that additional commands may be injected through line breaks when transmitting a user-controlled command.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Python

Published

2026-01-20

Last Modified

2026-02-24

References

https://github.com/python/cpython/commit/b234a2b67539f787e191d2ef19a7cbdce32874e7 https://github.com/python/cpython/issues/143923 https://github.com/python/cpython/pull/143924 https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/

Patch

https://github.com/python/cpython/tags