9 matches found
SUSE CVE-2013-5123
The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...
Mageia: Security Advisory (MGASA-2015-0180)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-5123
The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...
CVE-2013-5123
The CVE-2013-5123 issue affects Python-pip prior to 1.5, where the mirroring support (-M/--use-mirrors) performs insecure DNS queries and lacks proper authenticity checks, enabling MITM-like download tampering. Connected advisories confirm this vulnerability and describe the fix as removing the m...
CVE-2013-5123
The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...
Security Bulletin: Vulnerabilities in Python affect PowerKVM (CVE-2013-5123, CVE-2014-8991)
Summary PowerKVM is affected by two vulnerabilities in Python. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2013-5123 DESCRIPTION: Python pip could allow a remote attacker to bypass security restrictions, caused by the implementation of the mirroring support without...
Updated python-pip packages fix security vulnerabilities
Updated python-pip and python-virtualenv packages fix security vulnerability: The mirroring support in python-pip was implemented without any sort of authenticity checks and is downloaded over plaintext HTTP. Further more by default it will dynamically discover the list of available mirrors by...
Fedora 21 : python-virtualenv-12.0.7-1.fc21 (2015-5974)
Security fix for CVE-2013-5123 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 20 : python-virtualenv-12.0.7-1.fc20 (2015-6006)
Security fix for CVE-2013-5123 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...