PT-2026-28069 · Pypi+1 · Requests+1

Jaycelation · Published 2026-03-25 · Updated 2026-06-08 · CVE-2026-25645

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Requests versions prior to 2.33.0

Description: The requests.utils.extract_zipped_paths() function uses a predictable filename when extracting files from zip archives into the system temporary directory. If a file with the same name already exists, it is reused without validation. A local attacker with write access to the temporary directory could pre-create a malicious file that would be loaded in place of the legitimate one. This impacts applications that directly call extract_zipped_paths(). The function requests.utils.extract_zipped_paths() is used by HTTPAdapter.cert_verify() to load the CA bundle.

Recommendations: Versions prior to 2.33.0 should be upgraded to version 2.33.0 or later. If upgrading is not possible, set the TMPDIR environment variable to a directory with restricted write access.
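The following is an added example written for this page; it is not code from the requests project and does not reproduce its implementation. It contrasts the weak pattern the description names (a deterministic filename under a shared temporary directory, reused without validation when it already exists) with a hardened variant that extracts into a freshly created mode-0700 directory and opens the target with O_EXCL, and it includes a check for the TMPDIR mitigation in the recommendations. All function names, the archive member name and the file contents are constructed for illustration.

```python
"""Added illustration of the temp-file reuse weakness and its mitigation.

Not the requests code base: the extractor functions and sample data here are
hypothetical, built only to show the pattern described in the advisory.
"""
import os
import stat
import tempfile
import zipfile
from pathlib import Path
from typing import Optional

MEMBER = "bundle/cacert.pem"          # constructed archive member name
ARCHIVE_CONTENT = b"legit-bundle"     # constructed sample payload


def make_sample_archive(workdir: str) -> str:
    """Build a small zip archive with one member (constructed sample input)."""
    path = os.path.join(workdir, "sample.zip")
    with zipfile.ZipFile(path, "w") as zf:
        zf.writestr(MEMBER, ARCHIVE_CONTENT)
    return path


def extract_predictable(archive: str, member: str, tmp_dir: str) -> str:
    """Weak pattern (hypothetical): the target path is fully predictable and an
    already-existing file is trusted and returned without any validation."""
    target = os.path.join(tmp_dir, os.path.basename(member))
    if os.path.exists(target):        # whoever wrote this file first wins
        return target
    with zipfile.ZipFile(archive) as zf, open(target, "wb") as out:
        out.write(zf.read(member))
    return target


def extract_private(archive: str, member: str,
                    base_dir: Optional[str] = None) -> str:
    """Hardened variant: mkdtemp() atomically creates a unique, mode-0700
    directory, and O_EXCL refuses to reuse any file that somehow exists."""
    private_dir = tempfile.mkdtemp(prefix="extract-", dir=base_dir)
    target = os.path.join(private_dir, os.path.basename(member))
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with zipfile.ZipFile(archive) as zf, os.fdopen(fd, "wb") as out:
        out.write(zf.read(member))
    return target


def tmpdir_is_restricted(path: str) -> bool:
    """Check for the advisory's workaround: the directory pointed to by TMPDIR
    must exist, belong to the current user, and not be group/world writable."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return False
    if not stat.S_ISDIR(st.st_mode):
        return False
    if hasattr(os, "geteuid") and st.st_uid != os.geteuid():
        return False
    return not (st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))


def demo(workdir: Optional[str] = None) -> dict:
    """Run both extractors against a shared directory in which a file with the
    expected name was planted beforehand, and evaluate the TMPDIR check."""
    workdir = workdir or tempfile.mkdtemp(prefix="demo-")
    archive = make_sample_archive(workdir)
    shared = os.path.join(workdir, "shared-tmp")
    os.makedirs(shared, exist_ok=True)
    os.chmod(shared, 0o1777)                     # same mode as a typical /tmp
    Path(shared, "cacert.pem").write_bytes(b"planted-content")  # constructed
    weak_path = extract_predictable(archive, MEMBER, shared)
    safe_path = extract_private(archive, MEMBER, base_dir=workdir)
    return {
        "weak": Path(weak_path).read_bytes(),
        "safe": Path(safe_path).read_bytes(),
        "shared_restricted": tmpdir_is_restricted(shared),
        "private_restricted": tmpdir_is_restricted(os.path.dirname(safe_path)),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The weak extractor returns the planted bytes, the hardened one returns the archive's bytes, and tmpdir_is_restricted() reports the world-writable shared directory as unsuitable while accepting the mkdtemp() directory. The hardened variant deliberately leaves cleanup of the private directory to the caller.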

Exploit · Fix · DoS


Weakness Enumeration

Related identifiers

BDU:2026-07739
CVE-2026-25645
ECHO-74D4-CC6F-7870
GHSA-GC5V-M9X4-R6X2
OESA-2026-1909
OPENSUSE-SU-2026:10455-1
OPENSUSE-SU-2026:20926-1
SUSE-SU-2026:1218-1
SUSE-SU-2026:1644-1
SUSE-SU-2026:1647-1
SUSE-SU-2026:21036-1
SUSE-SU-2026:21063-1
SUSE-SU-2026:22055-1
SUSE-SU-2026:22091-1

Affected products

Red Os
Requests