Vulnerabilities

All ecosystems 628459 AlmaLinux 4656 Alpaquita 8786 Alpine 4049 Android 3261 Azure Linux 12016 BellSoft Hardened Containers 428 Bitnami 6971 Chainguard 5697 CleanStart 757 CRAN 14 crates.io 2216 Debian 54289 Echo 3180 GHC 3 GIT 81474 GitHub Actions 49 Go 6562 Hackage 30 Hex 57 Julia 505 Linux 15361 Mageia 5876 Maven 6324 MinimOS 26712 npm 217427 NuGet 1657 opam 12 openEuler 6386 openSUSE 12477 OSS-Fuzz 3829 Packagist 6076 Pub 11 PyPI 18681 Red Hat 19342 Rocky Linux 2944 Root 11955 RubyGems 1933 SUSE 20399 SwiftURL 50 Ubuntu 52346 VSCode 18 Wolfi 3643

GHSA-mf9w-mj56-hr94

PyPI/python-dotenv

python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback

10 hours ago

Fix available
Severity - 6.6 (Medium)