NewStart CGSL MAIN 6.01 : python-pip Multiple Vulnerabilities (NS-SA-2020-0035)

The remote NewStart CGSL host, running version MAIN 6.01, has python-pip packages installed that are affected by multiple vulnerabilities: - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA...

Scientific Linux Security Update : python-pip on SL7.x (noarch) (20200512)

Security Fixes : - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 - python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-11236 - python-urllib3:...

python-pip security update

...

CVE-2018-20225

A flaw was found in python-pip. The software installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exi...

Moderate: Red Hat Security Advisory: python-pip security update

An update for python-pip is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 7 : python-pip (RHSA-2020:2068)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2068 advisory. pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python...

python-pip security update

9.0.3-16 - Add four new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2019-11324, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1702473 Resolves: rhbz1643829...

RHEL 8 : python-pip (RHSA-2020:1916)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1916 advisory. pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python...

Moderate: Red Hat Security Advisory: python-pip security update

An update for python-pip is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

EulerOS Virtualization for ARM 64 3.0.6.0 : python-pip (EulerOS-SA-2020-1354)

According to the versions of the python-pip package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2020-1354)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : python-pip (RHSA-2020:0850)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0850 advisory. - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect...

CentOS: Security Advisory for python3-pip (CESA-2020:0850)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

RHEL 7 : python-pip (RHSA-2020:0850)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0850 advisory. pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python...

Oracle Linux 7 : python-pip (ELSA-2020-0850)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0850 advisory. 9.0.3-7 - Bump Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1702473 Resolves: rhbz1643829 9.0.3-6 - Add four new patches for CVEs in bundl...

python-pip security update

9.0.3-7 - Bump Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1702473 Resolves: rhbz1643829 9.0.3-6 - Add four new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2019-11324, CVE-2018-18074 Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves:...

Scientific Linux Security Update : python-pip on SL7.x (noarch) (20200317)

Security Fixes : - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 - python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-11236 - python-urllib3:...

EulerOS 2.0 SP8 : python-pip (EulerOS-SA-2020-1176)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS stor...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2020-1176)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : python-pip (ALAS-2020-1340)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1340 advisory. In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. CVE-2019-11236 The urllib3 library before 1.24.2 for Python mishandles...