VulnerableCode Package Details - pkg:pypi/koji@1.14

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/koji@1.14

Essentials
History (2)

purl	pkg:pypi/koji@1.14

Next non-vulnerable version	1.14.1
Latest non-vulnerable version	1.35.1
Risk	4.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-hct7-3wtx-xyew Aliases: CVE-2018-1002150 GHSA-6mww-xvh7-fq4f PYSEC-2018-86	Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1.	1.14.1 Affected by 0 other vulnerabilities. 1.15.1 Affected by 0 other vulnerabilities. 1.16.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-hct7-3wtx-xyew
Aliases:
CVE-2018-1002150
GHSA-6mww-xvh7-fq4f
PYSEC-2018-86

Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1.

1.14.1
Affected by 0 other vulnerabilities.

1.15.1
Affected by 0 other vulnerabilities.

1.16.0
Affected by 1 other vulnerability.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T17:40:33.691055+00:00	GithubOSV Importer	Affected by	VCID-hct7-3wtx-xyew	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-6mww-xvh7-fq4f/GHSA-6mww-xvh7-fq4f.json	38.6.0
2026-06-02T04:38:00.691753+00:00	GitLab Importer	Affected by	VCID-hct7-3wtx-xyew	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/koji/CVE-2018-1002150.yml	38.6.0