PT-2026-3664 · Pypi+3 · Poplib+3

Published

2026-01-16

·

Updated

2026-05-22

·

CVE-2025-15367

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:S/C:P/I:C/A:N
Name of the Vulnerable Software and Affected Versions poplib (affected versions not specified)
Description The poplib module is susceptible to command injection when processing user-supplied commands. Specifically, the module can be exploited to inject additional commands through the use of newline characters. A mitigation has been implemented to reject commands containing control characters.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

ALSA-2026:2128
ALSA-2026:4165
ALSA-2026:4168
ALSA-2026:4216
ALSA-2026:4463
ALSA-2026:4473
ALSA-2026:4713
AZL-75038
AZL-75050
BDU:2026-05131
BIT-LIBPYTHON-2025-15367
BIT-PYTHON-2025-15367
BIT-PYTHON-MIN-2025-15367
CVE-2025-15367
ECHO-077B-81DB-C985
OESA-2026-1356
OESA-2026-1461
OPENSUSE-SU-2026:10152-1
OPENSUSE-SU-2026:10200-1
OPENSUSE-SU-2026:10206-1
OPENSUSE-SU-2026:10221-1
OPENSUSE-SU-2026:10222-1
PSF-2026-4
RHSA-2026:2128
RHSA-2026:4165
RHSA-2026:4168
RHSA-2026:4216
RHSA-2026:4463
RHSA-2026:4473
RHSA-2026:4713
RHSA-2026:4746
RHSA-2026:5152
RHSA-2026:5215
RHSA-2026:5216
RHSA-2026:5218
RHSA-2026:5219
RHSA-2026:5221
RHSA-2026:5223
RHSA-2026:5225
RHSA-2026:5226
RHSA-2026:5315
RHSA-2026:5393
RHSA-2026:5399
RHSA-2026:5994
RHSA-2026:6007
RHSA-2026:6008
RHSA-2026:6253
RHSA-2026:6464
RHSA-2026:7443
RHSA-2026:8822
RHSA-2026:8824
SUSE-SU-2026:0590-1
SUSE-SU-2026:0612-1
SUSE-SU-2026:0613-1
SUSE-SU-2026:0643-1
SUSE-SU-2026:0644-1
SUSE-SU-2026:0645-1
SUSE-SU-2026:0663-1
SUSE-SU-2026:0664-1
SUSE-SU-2026:0693-1
SUSE-SU-2026:0767-1
SUSE-SU-2026:20665-1
SUSE-SU-2026:20710-1
USN-8018-1
USN-8018-2

Affected Products

Linuxmint
Rocky Linux
Ubuntu
Poplib