NVD脆弱性詳細

Exploit、PoC検索

NVD脆弱性検索トップ

->

NVD脆弱性詳細

CVE-2026-0864

概要	When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r) the resulting file could be injected with unexpected keys and values if the attacker controls the written value.
公表日	2026年6月24日3:17
登録日	2026年6月27日4:14
最終更新日	2026年6月26日4:51

関連情報、対策とツール

No	URL	refsource	タグ
1	https://github.com/python/cpython/commit/0adb386f6e68eb2e73d32e19f235d012df009528	cna@python.org
2	https://github.com/python/cpython/commit/5858e42c539dac8394636a6e9b30472b8994851f	cna@python.org
3	https://github.com/python/cpython/commit/71f2e02a52d47417a6fd69f456346cd8aa7aca98	cna@python.org
4	https://github.com/python/cpython/commit/aaf850fd333cd89e9aada03d92aaa788a6cb1bb8	cna@python.org
5	https://github.com/python/cpython/issues/143927	cna@python.org
6	https://github.com/python/cpython/pull/151559	cna@python.org
7	https://mail.python.org/archives/list/security-announce@python.org/thread/CV4NE6AFCRJL7XQOHX7J5TSDHUWVWGJS/	cna@python.org

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-74	インジェクション	https://cwe.mitre.org/data/definitions/74.html