11 matches found
PYSEC-2026-196
pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...
PYSEC-2026-196
pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...
PYSEC-0000-CVE-2026-8643
pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...
CVE-2026-8643
pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...
CVE-2026-8643
pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...
CVE-2026-8643 pip can extract console_scripts and gui_scripts outside installation directory
pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...
CVE-2026-8643 pip can extract console_scripts and gui_scripts outside installation directory
pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...
CVE-2026-8643
pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...
CVE-2026-8643
CVE-2026-8643 affects pip: a flaw in how entry-point names in wheel files are handled can cause path traversal and arbitrary file overwrite during wheel installation. Exploitation can overwrite files outside the installation directory. Reports from SUSE, AWS Amazon Linux advisories, and Red Hat r...
EUVD-2026-33682
pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...
PT-2026-45480
Name of the Vulnerable Software and Affected Versions pip affected versions not specified Description pip fails to sanitize the resolved absolute path to the installation directory when treating console scripts and gui scripts as paths rather than file names. This allows entry points to be...