pkg:PyPI/uv
3 total CVEsHIGH1MEDIUM1
✅ Check your installed version
All known vulnerabilities
HIGH8.1CVE-2025-62518`tokio-tar` parses PAX extended headers incorrectly, allows file smuggling from 0, < 0.9.5
MEDIUM6.3CVE-2025-13327uv has ZIP payload obfuscation through parsing differentials from 0, < 0.9.6
—CVE-2025-54368uv allows ZIP payload obfuscation through parsing differentials from 0, < 0.8.6