cpython/Misc/NEWS.d/next/Security/2026-03-16-18-07-00.gh-issue-146121.vRbdro.rst at 5e9d90b615b94469081b39a7b0808fea86c417be · python/cpython

:func:`pkgutil.get_data` now raises rejects resource arguments containing the parent directory components or that is an absolute path. This addresses :cve:`2026-3479`.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

FilesExpand file tree

2026-03-16-18-07-00.gh-issue-146121.vRbdro.rst

Latest commit

History

2026-03-16-18-07-00.gh-issue-146121.vRbdro.rst

File metadata and controls