CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Tenable Nessus•added 2026/05/20 12:0 a.m.•5 views

Amazon Linux 2023 : python3.14-pip, python3.14-pip-wheel (ALAS2023-2026-1653)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1653 advisory. pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferr...

5.3CVSS5.8AI score0.00017EPSS

Exploits0References4

Positive Technologies•added 2026/04/27 12:0 a.m.•2 views

PT-2026-35435

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

5.3CVSS5.3AI score0.00017EPSS

Exploits0References6

Tenable Nessus•added 2024/12/23 12:0 a.m.•13 views

Amazon Linux 2 : python38-pip (ALASPYTHON3.8-2024-017)

The version of python38-pip installed on the remote host is prior to 21.0.1-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2PYTHON3.8-2024-017 advisory. Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is...

5.6CVSS6.5AI score0.00044EPSS

Exploits0References4

vulnersOsv•added 2023/10/25 6:17 p.m.•3 views

aadetools (>=0.0.3 <=0.0.5), adversarial-insight-ml (=0.1.0) +311 more potentially affected by CVE-2023-5752 via pip (>=10.0.0b2 <=23.2.1)

pip PYPI version =10.0.0b2, =0.0.3, =2.0.0, =0.1.2, =0.0.1, =1.8.15, =1.8.17, =0.1.0, =0.2.3, =1.8.14, =2022.7.7, =2.0.3, =1.2.0, =1.3.0 - ak-sw-benchmarker =0.0.9 and more Source cves: CVE-2023-5752 Source advisory: OSV:PYSEC-2023-228...

5.5CVSS6.7AI score0.00075EPSS

Exploits0

OSV•added 2023/10/17 8:15 p.m.•2 views

AZL-35785 CVE-2023-45803 affecting package python-pip for versions less than 24.2-1

urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body like POST to GET as is required by HT...

4.2CVSS6.3AI score0.00056EPSS

Exploits0References1

OSV•added 2021/11/10 6:15 p.m.•75 views

PYSEC-2021-437

A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1...

5.7CVSS4AI score0.0024EPSS

Exploits2References2

OSV•added 2020/12/29 7:45 a.m.•8 views

OPENSUSE-SU-2020:2333-1 Security update for python3

This update for python3 fixes the following issues: - Fixed CVE-2020-27619 bsc1178009, where Lib/test/multibytecodecsupport calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and...

9.8CVSS6.9AI score0.05355EPSS

Exploits4References17