Lucene search
K

4 matches found

OSV
OSV
added 2026/05/22 1:16 p.m.12 views

OESA-2026-2360 python-pip security update

%changelog Thu Apr 9 2026 yixiangzhike [email protected] - 23.3.1-10 - Fix CVE-2026-25645 Security Fixes: pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavio...

4.6CVSS5.8AI score0.00144EPSS
Exploits0References2
NVD
NVD
added 2026/04/20 4:16 p.m.4 views

CVE-2026-3219

pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to the filename of the archive. New behavior only proceeds wit...

4.6CVSS0.00144EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/20 2:55 p.m.7 views

CVE-2026-3219

pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to the filename of the archive. New behavior only proceeds wit...

4.6CVSS5.7AI score0.00144EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/09/12 8:11 p.m.12 views

libarchive: Undefined behavior / invalid shiftleft in TAR parser

Undefined behavior invalid left shift was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read...

5.5CVSS5.7AI score0.02214EPSS
Exploits1References4
Rows per page
Query Builder