CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 2026/05/07 1:38 p.m.•12 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.23 LTS and 13.1.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

9.2CVSS5.7AI score0.01092EPSS

Exploits1Affected Software1

Amazon•added 2026/04/30 12:0 a.m.•5 views

Low: python-pip

Issue Overview: When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical...

2CVSS5.2AI score0.0039EPSS

Exploits1

Tenable Nessus•added 2026/04/30 12:0 a.m.•7 views

Amazon Linux 2 : python-pip, --advisory ALAS2-2026-3256 (ALAS-2026-3256)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3256 advisory. When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation director...

2CVSS5.4AI score0.0039EPSS

Tenable Nessus•added 2026/04/30 12:0 a.m.•6 views

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2026-1589)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1589 advisory. When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation...

CBLMariner•added 2026/04/06 11:43 p.m.•3 views

CVE-2026-1703 affecting package python-virtualenv for versions less than 20.36.1-2

CVE-2026-1703 affecting package python-virtualenv for versions less than 20.36.1-2. A patched version of the package is available...

Tenable Nessus•added 2026/04/01 12:0 a.m.•5 views

Exploits1

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2026-1530)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1530 advisory. When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation...

Tenable Nessus•added 2026/04/01 12:0 a.m.•5 views

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1531)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1531 advisory. When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation...

Tenable Nessus•added 2026/03/30 12:0 a.m.•4 views

Amazon Linux 2023 : python3.13-pip, python3.13-pip-wheel (ALAS2023-2026-1490)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1490 advisory. When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation...

Amazon•added 2026/03/27 12:0 a.m.•5 views

Low: python3.13-pip

OpenVAS•added 2026/03/06 12:0 a.m.•3 views

Exploits1

openSUSE Security Advisory (SUSE-SU-2026:0805-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tenable Nessus•added 2026/03/06 12:0 a.m.•4 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-pip (SUSE-SU-2026:0805-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0805-1 advisory. - CVE-2026-1703: Fixed a potential path traversal in python-pip. bsc1257599 Tenable has extracted the...

Tenable Nessus•added 2026/03/05 12:0 a.m.•8 views

TencentOS Server 4: python-pip (TSSA-2026:0096)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0096 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

2CVSS6AI score0.0039EPSS

Exploits1References2

SUSE Linux•added 2026/03/04 12:58 p.m.•5 views

Security update for python-pip

This update for python-pip fixes the following issues: CVE-2026-1703: Fixed a potential path traversal in python-pip. bsc1257599 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

3.1CVSS5.9AI score0.0039EPSS

OSV•added 2026/03/04 12:58 p.m.•4 views

SUSE-SU-2026:0805-1 Security update for python-pip

This update for python-pip fixes the following issues: - CVE-2026-1703: Fixed a potential path traversal in python-pip. bsc1257599...

OSV•added 2026/02/28 12:44 p.m.•6 views

OESA-2026-1447 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...

8.9CVSS7.2AI score0.00524EPSS

OSV•added 2026/02/28 12:44 p.m.•16 views

OESA-2026-1446 python-pip security update

OSV•added 2026/02/28 12:44 p.m.•4 views

Exploits1References2

OESA-2026-1444 python-pip security update

8.9CVSS5.9AI score0.00524EPSS

Tenable Nessus•added 2026/02/15 12:0 a.m.•8 views

openSUSE 16 Security Update : python-pip (openSUSE-SU-2026:20202-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20202-1 advisory. - CVE-2026-1703: files may be extracted outside the installation directory when installing and extracting maliciously crafted wheel archives bsc1257599...

2CVSS5.5AI score0.0039EPSS