vulnerability

Ubuntu: USN-7989-1 (CVE-2025-58438): The Internet Archive Python Library vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Feb 2, 2026	Feb 5, 2026	Feb 5, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Feb 2, 2026

Added

Feb 5, 2026

Modified

Feb 5, 2026

Description

Pengo Wray discovered that The Internet Archive Python Library incorrectly
handled certain file paths when downloading files. An attacker could
possibly use this issue to write files to arbitrary locations on the file
system.

Solutions

ubuntu-pro-upgrade-internetarchiveubuntu-pro-upgrade-python3-internetarchive

References

CVE-2025-58438
https://attackerkb.com/topics/CVE-2025-58438
CWE-22
UBUNTU-USN-7989-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today