17 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-1633
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which...
SUSE CVE-2013-1633
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
GHSA-27X4-J476-JP5F Setuptools vulnerable to Man-in-the-middle attacks
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
Setuptools vulnerable to Man-in-the-middle attacks
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
[SECURITY] Fedora 28 Update: python-XStatic-jquery-ui-1.12.0.1-2.fc28
JavaScript library packaged for setuptools easyinstall / pip. This package is intended to be used by any project that needs these files. It intentionally does not provide any extra code except some metadata nor has any extra requirements...
Speedtest - Command Line Interface for Testing Internet Bandwidth
speedtest-cli is a command line interface for testing internet bandwidth using speedtest.net Installation pip / easyinstall pip install speedtest-cli or easyinstall speedtest-cli Github pip install git+https://github.com/sivel/speedtest-cli.git or git clone...
[SECURITY] Fedora 21 Update: python-pip-1.5.6-3.fc21
Pip is a replacement for easyinstall . It uses mostly the same techniques for finding packages, so packages that were made easyinstallable should be pip-installable as well...
Design/Logic Flaw
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
CVE-2013-1633
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
PYSEC-2013-22
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
PYSEC-2013-22
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
CVE-2013-1633
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
CVE-2013-1633
CVE-2013-1633 affects setuptools’ easy_install, where prior to version 0.7 it retrieved packages over HTTP without integrity checks, enabling MITM execution of arbitrary code. Affected component: python-setuptools/setuptools. Impact: remote code execution via crafted responses. Root cause: lack o...
[SECURITY] Fedora 17 Update: python-pip-1.3.1-4.fc17
Pip is a replacement for easyinstall . It uses mostly the same techniques for finding packages, so packages that were made easyinstallable should be pip-installable as well...
Fedora Update for python-pip FEDORA-2013-6762
Check for the Version of python-pip OpenVAS Vulnerability Test Fedora Update for python-pip FEDORA-2013-6762 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Fedora Update for python-pip FEDORA-2013-6727
Check for the Version of python-pip OpenVAS Vulnerability Test Fedora Update for python-pip FEDORA-2013-6727 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
[SECURITY] Fedora 19 Update: python-pip-1.3.1-1.fc19
Pip is a replacement for easyinstall . It uses mostly the same techniques for finding packages, so packages that were made easyinstallable should be pip-installable as well...