Lucene search
K

20 matches found

OSV
OSV
added 2026/06/08 2:58 p.m.9 views

CLEANSTART-2026-NN42198 Security fixes for CVE-2024-35195, CVE-2024-47081, CVE-2025-8869, CVE-2026-1703, CVE-2026-25645, CVE-2026-3219, CVE-2026-44431, CVE-2026-44432, CVE-2026-45409, CVE-2026-48710, CVE-2026-6357, ghsa-58qw-9mgm-455v, ghsa-65pc-fj4g-8rjx, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 1.25.2-r0, 2.2.3-r0, 2.2.3-r1

Multiple security vulnerabilities affect the k8s-sidecar package. These issues are resolved in later releases. See references for individual vulnerability details...

8.9CVSS6.5AI score0.01438EPSS
Exploits4References28
OpenVAS
OpenVAS
added 2026/04/16 12:0 a.m.22 views

Fedora: Security Advisory (FEDORA-2026-2af3865ebf)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.00438EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/15 12:0 a.m.2 views

Fedora 45 : pypy (2026-ae330775b9)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ae330775b9 advisory. JIT translation fix for bootstraping, require openssl 3 and fix CVE-2026-25645 and CVE-2025-8869 Tenable has extracted the preceding description blo...

5.9CVSS7.2AI score0.00438EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:41 p.m.7 views

Security Bulletin: Vulnerability affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-8869 DESCRIPTION: When extracting a ta...

5.9CVSS6.7AI score0.00438EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2026/03/19 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1640)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.00438EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/03/17 12:0 a.m.2 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1590)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.00438EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.4 views

EulerOS 2.0 SP11 : python-pip (EulerOS-SA-2026-1618)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP...

5.9CVSS5.9AI score0.00438EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1457)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.8AI score0.02974EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1544)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.00438EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/13 4:55 p.m.11 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for February 2025.

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 25.0.0-IF004. Vulnerability Details CVEID:CVE-2025-8869 DESCRIPTION: When extracting a tar archive pip may not check symbolic lin...

9.4CVSS7.7AI score0.00986EPSS
Exploits2Affected Software2
OpenVAS
OpenVAS
added 2026/02/03 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1226)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.4AI score0.00438EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/02/03 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1214)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.4AI score0.00438EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.4 views

EulerOS 2.0 SP13 : python-pip (EulerOS-SA-2026-1214)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP...

5.9CVSS5.5AI score0.00438EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.5 views

EulerOS 2.0 SP13 : python-pip (EulerOS-SA-2026-1226)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP...

5.9CVSS5.5AI score0.00438EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/01/14 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1099)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS7.4AI score0.02974EPSS
Exploits2References2
Amazon
Amazon
added 2025/10/14 12:0 a.m.7 views

Medium: python3.11-pip

Issue Overview: When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities that are remediated by usin...

5.9CVSS6.9AI score0.00438EPSS
Exploits0
Chainguard
Chainguard
added 2025/09/29 1:44 p.m.6 views

CVE-2025-8869 vulnerabilities

Vulnerabilities for packages: mlflow, py3-virtualenv, reflex, py3.12-pytorch-cuda-11.8, py3-pip, py3.9-pip, localstack, py3.10-pytorch-cuda-11.8, graalvm, py3-pip-wheel-bootstrap, airflow, request-1276, py3-cassandra-medusa, nvidia-nsight-compute-13.1...

5.9CVSS6.7AI score0.00438EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/29 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-8869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that...

5.9CVSS7.3AI score0.00438EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/09/24 3:31 p.m.6 views

aaanalysis (>=0.1.2 <=1.0.0), aadetools (>=0.0.3 <=0.0.5) +540 more potentially affected by CVE-2025-8869 via pip (>=10.0.0b2 <=25.2.0)

pip PYPI version =10.0.0b2, =0.1.2, =0.0.3, =0.5.14, =0.1.1, =2.0.0, =0.2.1, =0.1.2, =0.0.1, =0.1.0, =0.1.10, =0.2.0, =0.68.0, =1.8.15, =1.8.17, =1.8.19 and more Source cves: CVE-2025-8869 Source advisory: OSV:GHSA-4XH5-X5GV-QWPH...

5.9CVSS6.7AI score0.00438EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/24 3:31 p.m.5 views

aaanalysis (>=0.1.2 <=1.0.0), aadetools (>=0.0.3 <=0.0.5) +536 more potentially affected by CVE-2025-8869 via pip (>=10.0.0b2 <=25.1.1)

pip PYPI version =10.0.0b2, =0.1.2, =0.0.3, =0.5.14, =0.1.1, =2.0.0, =0.2.1, =0.1.2, =0.0.1, =0.1.0, =0.1.10, =0.2.0, =0.68.0, =1.8.15, =1.8.17, =1.8.19 and more Source cves: CVE-2025-8869 Source advisory: SNYK:PYTHON-PIP-13045331...

5.9CVSS6.7AI score0.00438EPSS
Exploits0
Rows per page
Query Builder