Vendor
Jaraco
Products
2
CVEs
2
Across products
2
Status
Private
Products
2- Jaraco.context1 CVEpypi
- Zipp1 CVEpypi
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-5569 | Med | 0.33 | 6.2 | 0.00 | Jul 9, 2024 | A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython,… | ||
| CVE-2026-23949 | 0.00 | — | 0.01 | Jan 20, 2026 | jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow… |
- risk 0.33cvss 6.2epss 0.00
A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython,…
- CVE-2026-23949Jan 20, 2026risk 0.00cvss —epss 0.01
jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow…