9 matches found
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python-pip: python-pip-wheel-26.1.2-1.hum1 noarch python3-pip-26.1.2-1.hum1 noarch python-pip-26.1.2-1.hum1.src src Security Fixes: python-pip: CVE-2026-8643...
Important: Red Hat Security Advisory: python3.14-pip security update
An update for python3.14-pip is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2026-1837)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1837 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...
Amazon Linux 2023 : python3.14-pip, python3.14-pip-wheel (ALAS2023-2026-1838)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1838 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...
SUSE-SU-2026:22300-1 Security update for python-pip
This update for python-pip fixes the following issue - CVE-2026-8643: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite bsc1266669...
OESA-2026-2631 python-pip security update
%changelog Sat Jul 13 2024 yangyuan [email protected] - 23.3.1-2 - Fix CVE-2023-45803 and CVE-2024-37891 Security Fixes: A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel...
python311-pip-26.1.2-1.1 on GA media (moderate)
python311-pip-26.1.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10940-1 Rating: moderate Cross-References: CVE-2026-8643 CVSS scores: CVE-2026-8643 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now...
aaanalysis (>=0.1.2 <=1.0.2), aadetools (>=0.0.3 <=0.0.5) +589 more potentially affected by CVE-2026-8643 via pip (>=10.0.0b2 <=26.1.1)
pip PYPI version =10.0.0b2, =0.1.2, =0.0.3, =0.5.14, =0.1.1, =2.0.0, =0.2.1, =0.1.2, =0.0.1, =0.1.0, =0.1.10, =0.2.0, =0.68.0, =1.8.15, =1.8.17, =1.8.19 and more Source cves: CVE-2026-8643 Source advisory: OSV:PYSEC-2026-196...
Linux Distros Unpatched Vulnerability : CVE-2026-8643
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leadin...