DLA-4348-1 python-pip - security update

Bulletin has no description...

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2025-1211)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1211 advisory. When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706.Note that upgrading pip to a fixed version for this...

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2025-1216)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1216 advisory. When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706.Note that upgrading pip to a fixed version for this...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2025-2243)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2025-2211)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : python-pip (EulerOS-SA-2025-2243)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for...

EulerOS 2.0 SP11 : python-pip (EulerOS-SA-2025-2211)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for...

EUVD-2021-11021

Malware in sbrugna...

EUVD-2021-0186

Malware in sbrugna...

[SECURITY] Fedora 43 Update: python-pip-25.1.1-18.fc43

pip is a package management system used to install and manage software packag es written in Python. Many packages can be found in the Python Package Index PyPI. pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python"...

Fedora 43 : python-pip (2025-b108c70b29)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b108c70b29 advisory. Security fix for the bundled urllib3 for CVE-2025-50181, rc3 bytecode rebuild. Tenable has extracted the preceding description block directly from the Fedora...

NewStart CGSL MAIN 6.06 : python-pip Vulnerability (NS-SA-2025-0209)

The remote NewStart CGSL host, running version MAIN 6.06, has python-pip packages installed that are affected by a vulnerability: - pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory. CVE-2013-1888 Note that Ness...

NewStart CGSL MAIN 6.06 : python-pip Vulnerability (NS-SA-2025-0244)

The remote NewStart CGSL host, running version MAIN 6.06, has python-pip packages installed that are affected by a vulnerability: - Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote attackers to execute arbitrary cod...

Linux Distros Unpatched Vulnerability : CVE-2025-8869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that...

OESA-2025-2338 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 5 Summary: A...

OESA-2025-2337 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 5 Summary: A...

Fedora 41 : python-pip (2025-870a69fa85)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-870a69fa85 advisory. Security fix for the bundled urllib3 for CVE-2025-50181 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...

Fedora: Security Advisory (FEDORA-2025-870a69fa85)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

aaanalysis (>=0.1.2 <=1.0.0), aadetools (>=0.0.3 <=0.0.5) +538 more potentially affected by CVE-2025-8869 via pip (>=10.0.0b2 <=25.1.1)

pip PYPI version =10.0.0b2, =0.1.2, =0.0.3, =0.5.14, =0.1.1, =2.0.0, =0.2.1, =0.1.2, =0.0.1, =0.1.0, =0.1.10, =0.2.0, =0.68.0, =1.8.15, =1.8.17, =1.8.19 and more Source cves: CVE-2025-8869 Source advisory: SNYK:PYTHON-PIP-13045331...

Ubuntu: Security Advisory (USN-7762-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...