| CVE-2026-44971 | high | 8.2 | 8.2 | | | | 8d ago | GuardDog is a CLI tool to identify malicious PyPI packages. From 1.0.0 to 2.9.0, the programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replac… |
| CVE-2026-44972 | medium | 5.0 | 5.0 | | | | 8d ago | GuardDog is a CLI tool to identify malicious PyPI packages. From 2.6.0 to 2.9.0, GuardDog includes attacker-controlled filenames, file locations, messages, and code snippets in its default human-read… |
| CVE-2026-22871 | unknown | — | — | | | | 5mo ago | GuardDog Path Traversal Vulnerability Leads to Arbitrary File Overwrite and RCE |
| CVE-2026-22870 | unknown | — | — | | | | 5mo ago | GuardDog Zip Bomb Vulnerability in safe_extract() Allows DoS |
| CVE-2022-23530 | unknown | — | — | | | | 4y ago | GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files usi… |
| CVE-2022-23531 | unknown | — | — | | | | 4y ago | GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversal when scanning a specially-crafted local PyPI package. Running GuardDog ag… |