625 matches found

Amazon
added 2025/04/01 12:0 a.m. | 6 views

Medium: python-pip

Issue Overview: Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. CVE-2007-4559...

CVSS 9.8 | AI score 7.1 | EPSS 0.89361
Exploits: 4

Tenable Nessus
added 2025/03/27 12:0 a.m. | 9 views

Amazon Linux 2 : python-pip (ALAS-2025-2799)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2799 advisory. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as globally reachable or private. This affected the is_private and is_global properties of...

CVSS 7.5 | AI score 6.7 | EPSS 0.01127
Exploits: 0 | References: 4

Amazon
added 2025/03/25 12:0 a.m. | 2 views

Low: python-pip

Issue Overview: The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address...

CVSS 7.5 | AI score 6.9 | EPSS 0.01127
Exploits: 0

Rockylinux
added 2025/03/17 8:16 p.m. | 4 views

python-pip bug fix and enhancement update

An update is available for python-pip. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky Linux 9...

AI score 6.8
Exploits: 0

Tenable Nessus
added 2025/03/05 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2021-3572

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a differen...

CVSS 5.7 | AI score 6.9 | EPSS 0.0024
Exploits: 2 | References: 2

OpenVAS
added 2025/02/13 12:0 a.m. | 4 views

Mageia: Security Advisory (MGASA-2025-0055)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 | AI score 7.1 | EPSS 0.00075
Exploits: 0 | References: 4

Mageia
added 2025/02/12 6:37 a.m. | 36 views

Updated python-pip packages fix security vulnerability

Mercurial configuration injectable in repo revision when installing via pip. CVE-2023-5752...

CVSS 5.5 | AI score 6 | EPSS 0.00075
Exploits: 0 | References: 2

OSV
added 2025/02/12 6:37 a.m. | 10 views

MGASA-2025-0055 Updated python-pip packages fix security vulnerability

Mercurial configuration injectable in repo revision when installing via pip. CVE-2023-5752...

CVSS 5.5 | AI score 6 | EPSS 0.00075
Exploits: 0 | References: 3

CBLMariner
added 2025/01/12 9:15 a.m. | 28 views

CVE-2018-20225 affecting package python-pip 19.2-2

CVE-2018-20225 affecting package python-pip 19.2-2. No patch is available currently...

CVSS 7.8 | AI score 9.9 | EPSS 0.03726
Exploits: 0

Amazon
added 2024/12/19 12:0 a.m. | 14 views

Medium: python-pip

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

CVSS 5.6 | AI score 6.2 | EPSS 0.00046
Exploits: 0

Amazon
added 2024/12/19 12:0 a.m. | 2 views

Medium: python-pip

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

CVSS 5.6 | AI score 6.9 | EPSS 0.00046
Exploits: 0

Amazon
added 2024/12/12 12:0 a.m. | 5 views

Medium: python-pip

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

CVSS 5.6 | AI score 5.6 | EPSS 0.00046
Exploits: 0

CBLMariner
added 2024/11/26 8:46 p.m. | 101 views

CVE-2024-37891 affecting package python-pip for versions less than 24.2-2

CVE-2024-37891 affecting package python-pip for versions less than 24.2-2. A patched version of the package is available...

CVSS 6.5 | AI score 5.3 | EPSS 0.00222
Exploits: 1

Amazon
added 2024/11/14 12:0 a.m. | 2 views

Medium: python3.11-pip

Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python3.11-pip Issue Correction: Run dnf update python3.11-pip --releasever 2023.6.20241111 or dnf update --advisory ALAS2023-2024-762 --releasever...

CVSS 7.5 | AI score 6.9 | EPSS 0.00689
Exploits: 1

Amazon
added 2024/11/14 12:0 a.m. | 7 views

Medium: python-pip

Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python-pip Issue Correction: Run dnf update python-pip --releasever 2023.6.20241111 to update your system. New Packages: noarch: ...

CVSS 7.5 | AI score 7.2 | EPSS 0.00689
Exploits: 1

Amazon
added 2024/11/14 12:0 a.m. | 2 views

Medium: python-pip

Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python-pip Issue Correction: Run dnf update python-pip --releasever 2023.6.20241111 or dnf update --advisory ALAS2023-2024-764 --releasever...

CVSS 7.5 | AI score 6.9 | EPSS 0.00689
Exploits: 1

Amazon
added 2024/11/01 12:0 a.m. | 25 views

Medium: python-pip

Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python-pip Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

CVSS 7.5 | AI score 7.5 | EPSS 0.00689
Exploits: 1

Tenable Nessus
added 2024/11/01 12:0 a.m. | 8 views

Amazon Linux 2 : python-pip (ALAS-2024-2679)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2679 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description block directly from the tested product securit...

CVSS 7.5 | AI score 6.8 | EPSS 0.00689
Exploits: 1 | References: 4

Amazon
added 2024/11/01 12:0 a.m. | 2 views

Medium: python-pip

Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python-pip Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

CVSS 7.5 | AI score 7 | EPSS 0.00689
Exploits: 1

OpenVAS
added 2024/10/31 12:0 a.m. | 11 views

Ubuntu: Security Advisory (USN-7084-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 7.8 | EPSS 0.00222
Exploits: 1 | References: 2