
9 matches found

OpenVAS
added 2026/03/19 12:0 a.m., 7 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1640)

The remote host is missing an update for the Huawei EulerOS...

CVSS 5.9, AI score 5.8, EPSS 0.00022
Exploits: 0, References: 2
Tenable Nessus
added 2026/03/16 12:0 a.m., 2 views

EulerOS 2.0 SP11 : python-pip (EulerOS-SA-2026-1618)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP...

CVSS 5.9, AI score 5.9, EPSS 0.00022
Exploits: 0, References: 2
Tenable Nessus
added 2026/02/02 12:0 a.m., 2 views

EulerOS 2.0 SP13 : python-pip (EulerOS-SA-2026-1226)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP...

CVSS 5.9, AI score 5.5, EPSS 0.00022
Exploits: 0, References: 2
Tenable Nessus
added 2025/10/15 12:0 a.m., 2 views

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2025-1216)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1216 advisory. When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a fixed version for this...

CVSS 5.9, AI score 7.4, EPSS 0.00022
Exploits: 0, References: 4
Vulnrichment
added 2025/09/24 2:56 p.m., 2 views

CVE-2025-8869 Fallback tar extraction in pip doesn't check symbolic links point to extraction directory

When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities that are remediated by using a Python versi...

CVSS 5.9, AI score 6.5, EPSS 0.00022
Exploits: 0, References: 2
Oracle Linux
added 2023/11/17 12:0 a.m., 59 views

python3.11-pip security update

22.3.1-4 - Use tarfile.data_filter for extracting CVE-2007-4559, PEP-721, PEP-706. Resolves: RHBZ2218249
22.3.1-3 - Fix changelog to contain Fedora contributors. Resolves: RHEL-232...

CVSS 9.8, AI score 6.7, EPSS 0.89361
Exploits: 3
Oracle Linux
added 2023/11/17 12:0 a.m., 394 views

python-pip security update

9.0.3-23 - Use tarfile.data_filter for extracting CVE-2007-4559, PEP-721, PEP-706. Resolves: RHBZ2218241...

CVSS 9.8, AI score 6.7, EPSS 0.89361
Exploits: 3
Oracle Linux
added 2023/11/11 12:0 a.m., 113 views

python-pip security update

21.2.3-7 - Use tarfile.data_filter for extracting CVE-2007-4559, PEP-721, PEP-706. Resolves: RHBZ2207997...

CVSS 6.8, AI score 6.7, EPSS 0.89361
Exploits: 3
Oracle Linux
added 2023/11/11 12:0 a.m., 49 views

python3.11-pip security update

22.3.1-4 - Use tarfile.data_filter for extracting CVE-2007-4559, PEP-721, PEP-706. Resolves: RHBZ2218247
22.3.1-3 - Fix changelog to contain Fedora contributors. Resolves: RHEL-232...

CVSS 6.8, AI score 6.7, EPSS 0.89361
Exploits: 3