Lucene search
K

9 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.3 views

SUSE CVE-2013-5123

The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...

5.9CVSS6.9AI score0.07987EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2015-0180)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.07987EPSS
Exploits1References6
OSV
OSV
added 2019/11/05 10:15 p.m.9 views

CVE-2013-5123

The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...

5.9CVSS5.8AI score0.07987EPSS
Exploits1References16
CVE
CVE
added 2019/11/05 9:16 p.m.103 views

CVE-2013-5123

The CVE-2013-5123 issue affects Python-pip prior to 1.5, where the mirroring support (-M/--use-mirrors) performs insecure DNS queries and lacks proper authenticity checks, enabling MITM-like download tampering. Connected advisories confirm this vulnerability and describe the fix as removing the m...

5.9CVSS5.4AI score0.07987EPSS
Exploits1References8Affected Software2
Debian CVE
Debian CVE
added 2019/11/05 9:16 p.m.58 views

CVE-2013-5123

The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...

5.9CVSS5.5AI score0.07987EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:29 a.m.26 views

Security Bulletin: Vulnerabilities in Python affect PowerKVM (CVE-2013-5123, CVE-2014-8991)

Summary PowerKVM is affected by two vulnerabilities in Python. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2013-5123 DESCRIPTION: Python pip could allow a remote attacker to bypass security restrictions, caused by the implementation of the mirroring support without...

5.9CVSS0.3AI score0.07987EPSS
Exploits1Affected Software1
Mageia
Mageia
added 2015/05/03 12:19 a.m.49 views

Updated python-pip packages fix security vulnerabilities

Updated python-pip and python-virtualenv packages fix security vulnerability: The mirroring support in python-pip was implemented without any sort of authenticity checks and is downloaded over plaintext HTTP. Further more by default it will dynamically discover the list of available mirrors by...

5.9CVSS5.8AI score0.07987EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/04/22 12:0 a.m.32 views

Fedora 21 : python-virtualenv-12.0.7-1.fc21 (2015-5974)

Security fix for CVE-2013-5123 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

5.9CVSS5.9AI score0.07987EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/04/22 12:0 a.m.28 views

Fedora 20 : python-virtualenv-12.0.7-1.fc20 (2015-6006)

Security fix for CVE-2013-5123 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

5.9CVSS5.9AI score0.07987EPSS
Exploits1References3
Rows per page
Query Builder