Lucene search
K

1249 matches found

Rockylinux
Rockylinux
added 2026/07/08 12:6 p.m.5 views

python3.14-pip security update

An update is available for python3.14-pip. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

8CVSS6.1AI score0.0032EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/07/08 12:3 p.m.4 views

python3.14-pip security update

An update is available for python3.14-pip. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

8CVSS6.1AI score0.0032EPSS
Exploits0
OSV
OSV
added 2026/07/08 10:9 a.m.9 views

RHSA-2026:36315 Red Hat Security Advisory: python3.14-pip security update

Bulletin has no description...

8CVSS7.1AI score0.0032EPSS
Exploits0References8
OSV
OSV
added 2026/07/08 10:9 a.m.4 views

RHSA-2026:36193 Red Hat Security Advisory: python3.14-pip security update

Bulletin has no description...

8CVSS7.1AI score0.0032EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/07 8:17 p.m.2 views

pip: pip: Incorrect file installation due to improper archive handling

A flaw was found in pip. This vulnerability occurs because pip incorrectly processes concatenated tar and ZIP files as ZIP files, regardless of their true format. This improper handling can lead to confusing installation behavior, potentially causing the installation of unintended or 'incorrect'...

4.6CVSS6.5AI score0.00144EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/07 8:17 p.m.5 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python-pip: python-pip-wheel-26.1.2-1.hum1 noarch python3-pip-26.1.2-1.hum1 noarch python-pip-26.1.2-1.hum1.src src Security Fixes: python-pip: CVE-2026-8643...

8CVSS5.9AI score0.0032EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/07 4:54 p.m.5 views

python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite

A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially crafted entry-point names that use directory traversal or absolute paths. This allows pip to wri...

8CVSS7.4AI score0.0032EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/07 4:54 p.m.8 views

Important: Red Hat Security Advisory: python3.14-pip security update

An update for python3.14-pip is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8CVSS7.3AI score0.0032EPSS
Exploits0References2
OSV
OSV
added 2026/07/07 11:45 a.m.5 views

PYSEC-2026-1138 Apache HDFS Provider error message suggested

In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The...

7.8CVSS6.8AI score0.0046EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 11:25 a.m.7 views

python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite

A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially crafted entry-point names that use directory traversal or absolute paths. This allows pip to wri...

8CVSS7.4AI score0.0032EPSS
Exploits0References5
AlmaLinux
AlmaLinux
added 2026/07/07 12:0 a.m.5 views

Important: python3.14-pip security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8CVSS6AI score0.0032EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 11:44 p.m.9 views

MAL-2026-6752 Malicious code in confighub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 805d9b5848999d2ba85368446cb12d90bf350b8201a78dd475079c04f180dd81 confighub 7.0.1 declares installrequires='procwire' and imports procwire at package load in init.py under a version gate that silently swallows...

6.3AI score
Exploits0References4
OSV
OSV
added 2026/07/03 7:35 p.m.3 views

SUSE-SU-2026:2758-1 Security update for python-pip

This update for python-pip fixes the following issues - CVE-2026-3219: pip doesn't reject concatenated ZIP bsc1262429. - CVE-2026-6357: pip self-update functionality can import newly installed modules after wheel installation bsc1263442...

5.3CVSS6.7AI score0.00144EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/02 12:14 p.m.2 views

python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite

A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially crafted entry-point names that use directory traversal or absolute paths. This allows pip to wri...

8CVSS7.1AI score0.0032EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/02 12:14 p.m.8 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python-pip: python-pip-wheel-26.1.1-3.1.hum1 noarch python3-pip-26.1.1-3.1.hum1 noarch python-pip-26.1.1-3.1.hum1.src src Security Fixes: python-pip: CVE-2026-8643...

8CVSS7.2AI score0.0032EPSS
Exploits0References3
CVE
CVE
added 2026/07/02 2:18 a.m.20 views

CVE-2026-57264

GeoWebPlayer’s Websocket Server (used by GV-VMS/GV-Cloud) exposes a command interface where many commands accept an index that is not consistently validated. The Talos and CVE records describe multiple CVEs (e.g., CVE-2026-57264) across several commands (connectInfo, setStream, setPIP, audio, sna...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.7 views

SUSE SLED15 / SLES15 Security Update : python-pip (SUSE-SU-2026:2634-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2634-1 advisory. This update for python-pip fixes the following issues - CVE-2026-3219: pip doesn't reject concatenated ZIP...

8CVSS5.9AI score0.0032EPSS
Exploits0References10
OSV
OSV
added 2026/06/25 1:55 p.m.2 views

SUSE-SU-2026:2634-1 Security update for python-pip

This update for python-pip fixes the following issues - CVE-2026-3219: pip doesn't reject concatenated ZIP bsc1262429. - CVE-2026-6357: pip self-update functionality can import newly installed modules after wheel installation bsc1263442. - CVE-2026-8643: path traversal via malicious entry point...

8CVSS6.4AI score0.0032EPSS
Exploits0References7
NVD
NVD
added 2026/06/22 10:16 p.m.9 views

CVE-2025-71344

picklescan before 0.0.30 affected versions 0.0.26 and earlier fails to detect the ensurepip.runpip built-in function when scanning pickle files, allowing attackers to execute arbitrary code. Malicious pickle files embedding ensurepip.runpip calls in reduce methods bypass picklescan detection and...

8.1CVSS0.00367EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 9:4 p.m.4 views

CVE-2025-71344 picklescan - Arbitrary Code Execution via Undetected ensurepip._run_pip Function

picklescan before 0.0.30 affected versions 0.0.26 and earlier fails to detect the ensurepip.runpip built-in function when scanning pickle files, allowing attackers to execute arbitrary code. Malicious pickle files embedding ensurepip.runpip calls in reduce methods bypass picklescan detection and...

7.6CVSS6.8AI score0.00367EPSS
Exploits0References4
Rows per page
Query Builder