RHEL 8 : python-pip (RHSA-2020:4432)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4432 advisory. pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package...
UBUNTU-CVE-2020-13328
An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13. GitLab was vulnerable to a stored XSS by using the PyPI files API...
GitLab Cross-Site Scripting Vulnerability (CNVD-2020-57833)
GitLab is a self-hosted Git version control and project repository application, developed with Ruby on Rails by the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab...
RHEL 8 : python-pip (RHSA-2020:1916)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1916 advisory. pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python...
python3 security update
CentOS Errata and Security Advisory CESA-2020:0850. An update for python-pip is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi...
aileen (>=0.2.0.dev20181221 <=0.2.1), autogenerated-api (=1.1.9) +37 more potentially affected by CVE-2019-6975 via django (>=1.11.0 <=1.11.18)
django PYPI version =1.11.0, =0.2.0.dev20181221, =0.0.19, =4.4.1, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =1.0.1 - django-defender =0.5.0 - django-galaxy =0.0.1 - django-gfiles =0.0.1 and more Source cves: CVE-2019-6975 Source advisory: OSV:PYSEC-2019-18...
x86 to LLVM Bitcode Translation Framework: McSema
McSema lifts x86 and amd64 binaries to LLVM bitcode modules. McSema supports both Linux and Windows binaries, and most x86 and amd64 instructions, including integer, FPU, and SSE operations. McSema is separated into two conceptual parts: control flow...
PYSEC-2013-8
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...
UBUNTU-CVE-2013-1629
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...