616 matches found
EulerOS Virtualization 2.9.1 : python-pip (EulerOS-SA-2021-1728)
According to the version of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - DISPUTED An issue was discovered in pip all versions because it installs the version with the highest version number, even if th...
EulerOS Virtualization 2.9.0 : python-pip (EulerOS-SA-2021-1745)
According to the version of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - DISPUTED An issue was discovered in pip all versions because it installs the version with the highest version number, even if th...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2021-1745)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2021-1728)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2021-1648)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2021-1624)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.9.0 : python-pip (EulerOS-SA-2021-1648)
According to the version of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a...
NewStart CGSL MAIN 6.02 : python-pip Vulnerability (NS-SA-2021-0081)
The remote NewStart CGSL host, running version MAIN 6.02, has python-pip packages installed that are affected by a vulnerability: - The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a...
EulerOS Virtualization 2.9.1 : python-pip (EulerOS-SA-2021-1624)
According to the version of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2021-1572)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : python-pip (EulerOS-SA-2021-1572)
According to the version of the python-pip package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a...
CentOS 8 : python-pip (CESA-2020:4432)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4432 advisory. - python-pip: directory traversal in downloadhttpurl function in src/pip/internal/download.py CVE-2019-20916 Note that Nessus has not tested for this issue but...
CentOS 8 : python-pip (CESA-2020:1916)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1916 advisory. - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-18074 - python-urllib3: Cross-host redirect does not remov...
MGASA-2021-0054 Updated python-pip packages fix security vulnerabilities
It was discovered that pip did not properly sanitize the filename during pip install. A remote attacker could possible use this issue to read and write arbitrary files on the host filesystem as root, resulting in a directory traversal attack CVE-2019-20916. urllib3 before 1.25.9 allows CRLF...
Updated python-pip packages fix security vulnerabilities
It was discovered that pip did not properly sanitize the filename during pip install. A remote attacker could possible use this issue to read and write arbitrary files on the host filesystem as root, resulting in a directory traversal attack CVE-2019-20916. urllib3 before 1.25.9 allows CRLF...
CVE-2019-20916 affecting package python-pip 18.0-5
CVE-2019-20916 affecting package python-pip 18.0-5. An upgraded version of the package is available that resolves this issue...
NewStart CGSL CORE 5.05 / MAIN 5.05 : python-pip Multiple Vulnerabilities (NS-SA-2020-0112)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-pip packages installed that are affected by multiple vulnerabilities: - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of...
openSUSE Security Update : python-pip (openSUSE-2020-2184)
This update for python-pip fixes the following issues : - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
OPENSUSE-SU-2020:2184-1 Security update for python-pip
This update for python-pip fixes the following issues: - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916 This update was imported from the SUSE:SLE-15:Update update project...
Security update for python-pip (important)
openSUSE Security Update: Security update for python-pip Announcement ID: openSUSE-SU-2020:2184-1 Rating: important References: 1176262 Cross-References: CVE-2019-20916 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...