Search for packages
| purl | pkg:pypi/sosreport@3.3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-9k7d-e6db-bqe5 | sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date. |
CVE-2015-7529
GHSA-3g56-2hh3-35ph PYSEC-2017-73 |
| VCID-kx2x-yma1-bffd | sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive. |
CVE-2015-3171
GHSA-gw46-8559-cggp PYSEC-2017-72 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-31T11:34:47.914272+00:00 | GithubOSV Importer | Fixing | VCID-9k7d-e6db-bqe5 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3g56-2hh3-35ph/GHSA-3g56-2hh3-35ph.json | 38.6.0 |
| 2026-05-31T11:33:40.634531+00:00 | GithubOSV Importer | Fixing | VCID-kx2x-yma1-bffd | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-gw46-8559-cggp/GHSA-gw46-8559-cggp.json | 38.6.0 |
| 2026-05-31T00:57:36.569621+00:00 | GHSA Importer | Fixing | VCID-kx2x-yma1-bffd | https://github.com/advisories/GHSA-gw46-8559-cggp | 38.6.0 |
| 2026-05-30T20:58:47.154796+00:00 | GitLab Importer | Fixing | VCID-kx2x-yma1-bffd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/sosreport/CVE-2015-3171.yml | 38.6.0 |
| 2026-05-30T20:58:26.765152+00:00 | GitLab Importer | Fixing | VCID-9k7d-e6db-bqe5 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/sosreport/CVE-2015-7529.yml | 38.6.0 |