Lucene search
K

6 matches found

NVD
NVD
added 2013/08/06 2:52 a.m.18 views

CVE-2013-1629

pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...

6.8CVSS7.2AI score0.06217EPSS
Exploits1References6
OSV
OSV
added 2013/08/06 2:52 a.m.7 views

CVE-2013-1629

pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...

7.1AI score
Exploits0References9
UbuntuCve
UbuntuCve
added 2013/08/06 2:52 a.m.30 views

CVE-2013-1629

pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...

6.8CVSS6.2AI score0.06217EPSS
Exploits1References1
Cvelist
Cvelist
added 2013/08/06 1:0 a.m.24 views

CVE-2013-1629

pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...

7.1AI score0.06217EPSS
Exploits1References6
CVE
CVE
added 2013/08/06 1:0 a.m.87 views

CVE-2013-1629

CVE-2013-1629 affects the Python package manager pip prior to 1.3, which fetched packages over HTTP from PyPI and did not perform integrity checks. This enables a man-in-the-middle to modify package content and potentially execute arbitrary code during a pip install. Connected advisories (GHSA-G3...

6.8CVSS7.3AI score0.06217EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2013/08/06 1:0 a.m.25 views

CVE-2013-1629

pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...

6.8CVSS7.1AI score0.06217EPSS
Exploits1
Rows per page
Query Builder