Lucene search
OracleLinuxELSA-2020-1916HistoryMay 05, 2020 - 12:00 a.m.
python-pip security update
2020-05-0500:00:00
linux.oracle.com
26
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
[9.0.3-16]
- Add four new patches for CVEs in bundled urllib3 and requests
CVE-2018-20060, CVE-2019-11236, CVE-2019-11324, CVE-2018-18074
Resolves: rhbz#1649153
Resolves: rhbz#1700824
Resolves: rhbz#1702473
Resolves: rhbz#1643829
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | python-pip | < 9.0.3-16.el8 | python-pip-9.0.3-16.el8.src.rpm |
| oracle linux | 8 | noarch | platform-python-pip | < 9.0.3-16.el8 | platform-python-pip-9.0.3-16.el8.noarch.rpm |
| oracle linux | 8 | noarch | python3-pip | < 9.0.3-16.el8 | python3-pip-9.0.3-16.el8.noarch.rpm |
| oracle linux | 8 | noarch | python3-pip-wheel | < 9.0.3-16.el8 | python3-pip-wheel-9.0.3-16.el8.noarch.rpm |
| oracle linux | 8 | src | python-pip | < 9.0.3-16.el8 | python-pip-9.0.3-16.el8.src.rpm |
| oracle linux | 8 | noarch | platform-python-pip | < 9.0.3-16.el8 | platform-python-pip-9.0.3-16.el8.noarch.rpm |
| oracle linux | 8 | noarch | python3-pip | < 9.0.3-16.el8 | python3-pip-9.0.3-16.el8.noarch.rpm |
| oracle linux | 8 | noarch | python3-pip-wheel | < 9.0.3-16.el8 | python3-pip-wheel-9.0.3-16.el8.noarch.rpm |
Related
nessus
nessus
CentOS 7 : python-pip (CESA-2020:0850)
2020-03-26 00:00:00
CentOS 8 : python-pip (CESA-2020:1916)
2021-02-01 00:00:00
Scientific Linux Security Update : python-pip on SL7.x (noarch) (20200317)
2020-03-18 00:00:00
redhat
redhat
(RHSA-2020:0850) Moderate: python-pip security update
2020-03-17 13:10:26
(RHSA-2020:1916) Moderate: python-pip security update
2020-04-28 09:30:31
(RHSA-2020:2068) Moderate: python-pip security update
2020-05-12 14:03:16
centos
centos
python3 security update
2020-03-18 19:33:57
python security update
2020-03-25 19:10:05
python security update
2019-08-30 04:04:34
oraclelinux
oraclelinux
python-pip security update
2020-05-19 00:00:00
python-pip security update
2020-03-18 00:00:00
python-virtualenv security update
2020-03-18 00:00:00
openvas
openvas
CentOS: Security Advisory for python3-pip (CESA-2020:0850)
2020-03-26 00:00:00
Ubuntu: Security Advisory (USN-3990-1)
2019-05-22 00:00:00
CentOS: Security Advisory for python-virtualenv (CESA-2020:0851)
2020-03-26 00:00:00
ubuntu
ubuntu
urllib3 vulnerabilities
2019-05-21 00:00:00
Requests vulnerability
2018-10-22 00:00:00
Requests vulnerability
2018-10-15 00:00:00
freebsd
freebsd
urllib3 -- multiple vulnerabilities
2018-12-11 00:00:00
mageia
mageia
Updated python-urllib3 packages fix security vulnerability
2019-09-07 00:09:08
Updated python-pip packages fix security vulnerabilities
2020-01-28 14:32:54
amazon
amazon
Medium: python-virtualenv
2020-04-20 20:48:00
Medium: python-pip
2020-02-05 16:26:00
Medium: python-pip
2020-02-04 22:44:00
almalinux
almalinux
Moderate: python27:2.7 security, bug fix, and enhancement update
2020-04-28 08:55:59
python-requests bug fix update
2019-11-05 20:50:57
suse
suse
Security update for python-urllib3 (moderate)
2019-09-14 00:00:00
Security update for python-urllib3 (moderate)
2019-09-15 00:00:00
Security update for python-requests (moderate)
2019-07-20 00:00:00
debian
debian
[SECURITY] [DLA 2686-1] python-urllib3 security update
2021-06-15 18:34:44
[SECURITY] [DLA 3610-1] python-urllib3 security update
2023-10-08 11:06:20
osv
osv
python-urllib3 - security update
2021-06-15 00:00:00
Moderate: python27:2.7 security, bug fix, and enhancement update
2020-04-28 08:55:59
Moderate: python27:2.7 security, bug fix, and enhancement update
2020-04-28 08:55:59
fedora
fedora
[SECURITY] Fedora 30 Update: python-pip-19.0.3-6.fc30
2020-01-20 03:19:41
[SECURITY] Fedora 31 Update: python-pip-19.1.1-7.fc31
2020-01-08 11:55:39
[SECURITY] Fedora 30 Update: python-urllib3-1.24.2-1.fc30
2019-04-27 21:35:01
rocky
rocky
python27:2.7 security, bug fix, and enhancement update
2020-04-28 08:55:59
python-requests bug fix update
2019-11-05 20:50:57
photon
photon
f5
f5
K000133668 : Python urllib3 vulnerability CVE-2018-20060
2023-04-27 00:00:00
K000133448 : Python urllib3 vulnerability CVE-2019-11324
2023-04-27 00:00:00
redhatcve
redhatcve
veracode
veracode
SSL Hostname Verification Bypass
2019-04-22 03:35:22
Information Disclosure
2018-10-10 02:26:19
Information Disclosure
2018-12-12 03:50:22
prion
prion
Design/Logic Flaw
2019-04-18 21:29:00
debiancve
debiancve
github
github
Improper Certificate Validation in urllib3
2019-04-19 16:55:10
Insufficiently Protected Credentials in Requests
2018-10-29 19:06:46
ibm
ibm
cve
cve
CVE-2018-18074
2018-10-09 17:29:00
huntr
huntr
ubuntucve
ubuntucve
CVE-2018-20060
2018-12-11 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related for ELSA-2020-1916