Overview · python-poetry/poetry · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4
GHSA-73h3-mf4w-8647 published Apr 18, 2026 by radoering

Low
Wheel Path Traversal Leading to Arbitrary File Write
GHSA-2599-h6xx-hpxp published Mar 31, 2026 by radoering

High
Untrusted Search Path can lead to Local Code Execution on Windows
GHSA-j4j9-7hg9-97g6 published Aug 31, 2022 by neersighted

Moderate
Argument Injection can lead to Local Code Execution
GHSA-9xgj-fcgf-x6mw published Aug 31, 2022 by neersighted

Moderate

Learn more about advisories related to python-poetry/poetry in the GitHub Advisory Database