Advisories ยป MGASA-2026-0260

Updated python-pydantic-settings packages fix a security vulnerability

Publication date: 18 Jul 2026
Modification date: 18 Jul 2026
Type: security
Affected Mageia releases : 10
CVE: CVE-2026-58203

Description

The updated packages fix a security vulnerability:
NestedSecretsSettingsSource follows symlinks outside secrets_dir,
enabling local file read and bypassing secrets_dir_max_size.
(CVE-2026-58203)
                

References

SRPMS

10/core