VYPR

PyPI package

uv

pkg:pypi/uv

Vulnerabilities (1)

  • CVE-2025-54368MedAug 8, 2025
    affected < 0.8.6fixed 0.8.6

    uv is a Python package and project manager written in Rust. In versions 0.8.5 and earlier, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. An attacker could contrive a ZIP archive that would e