CNNVD-202601-3704 Information

CNNVD ID

CNNVD-202601-3704

Related CVE

CVE-2025-71176

• CNNVD Published: 2026-01-22

Description (Chinese)

Pytest是Pytest团队的一款基于Python语言的测试框架。 pytest 9.0.2及之前版本存在安全漏洞，该漏洞源于依赖具有/tmp/pytest-of-{user}名称模式的目录，可能导致本地用户发起拒绝服务攻击或获取权限。

Description (English)

Pytest is a Pytest team-based testing framework in Python. There is a security loophole in the pytest 9.2 and earlier versions, which stems from reliance on a directory with/tmp/pytest-of-{user} name patterns, which may lead local users to initiate a denial of service attack or access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Pytest

Published

2026-01-22

Last Modified

2026-02-24

References

https://github.com/pytest-dev/pytest/issues/13669 https://www.openwall.com/lists/oss-security/2026/01/21/5 https://access.redhat.com/security/cve/cve-2025-71176