VDB
CVE-2025-71176
CVE-2025-71176
PUBLISHED
CVSS 6.800000190734863 MEDIUM
pytest has vulnerable tmpdir handling
EPSS 0.01% · 1.0th percentile
Risk Scores
CVSS v3.1
6.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
EPSS Score
0.01%
1.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| pytest | pytest | 0, 0 |
| PyPI | pytest | 0 |
Timeline
- Jan 22, 2026 CVE Published
- Jan 22, 2026 EPSS Score
- Jan 22, 2026 PoC Published
- Jan 25, 2026 EPSS Score
- Jan 27, 2026 EPSS Score
- Jan 30, 2026 EPSS Score
- Feb 2, 2026 EPSS Score
- Feb 4, 2026 EPSS Score
- Feb 7, 2026 EPSS Score
- Feb 10, 2026 EPSS Score
- Feb 12, 2026 EPSS Score
- Feb 15, 2026 EPSS Score
References
- https://github.com/pytest-dev/pytest/issues/13669 url
- https://www.openwall.com/lists/oss-security/2026/01/21/5 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-71176 advisory
- https://github.com/pytest-dev/pytest/pull/14343 url
- https://github.com/pytest-dev/pytest/commit/95d8423bd24992deea5b9df32555fa1741679e2c url
- https://github.com/pytest-dev/pytes package
- https://github.com/pytest-dev/pytest/releases/tag/9.0.3 url