MGASA-2021-0054 Updated python-pip packages fix security vulnerabilities

It was discovered that pip did not properly sanitize the filename during pip install. A remote attacker could possible use this issue to read and write arbitrary files on the host filesystem as root, resulting in a directory traversal attack CVE-2019-20916. urllib3 before 1.25.9 allows CRLF...

Updated python-pip packages fix security vulnerabilities

It was discovered that pip did not properly sanitize the filename during pip install. A remote attacker could possible use this issue to read and write arbitrary files on the host filesystem as root, resulting in a directory traversal attack CVE-2019-20916. urllib3 before 1.25.9 allows CRLF...

CVE-2019-20916 affecting package python-pip 18.0-5

CVE-2019-20916 affecting package python-pip 18.0-5. An upgraded version of the package is available that resolves this issue...

NewStart CGSL CORE 5.05 / MAIN 5.05 : python-pip Multiple Vulnerabilities (NS-SA-2020-0112)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-pip packages installed that are affected by multiple vulnerabilities: - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of...

openSUSE Security Update : python-pip (openSUSE-2020-2184)

This update for python-pip fixes the following issues : - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

OPENSUSE-SU-2020:2184-1 Security update for python-pip

This update for python-pip fixes the following issues: - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916 This update was imported from the SUSE:SLE-15:Update update project...

Security update for python-pip (important)

openSUSE Security Update: Security update for python-pip Announcement ID: openSUSE-SU-2020:2184-1 Rating: important References: 1176262 Cross-References: CVE-2019-20916 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

openSUSE Security Update : python-pip (openSUSE-2020-2169)

This update for python-pip fixes the following issues : - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

OPENSUSE-SU-2020:2169-1 Security update for python-pip

This update for python-pip fixes the following issues: - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916 This update was imported from the SUSE:SLE-15:Update update project...

Security update for python-pip (important)

openSUSE Security Update: Security update for python-pip Announcement ID: openSUSE-SU-2020:2169-1 Rating: important References: 1176262 Cross-References: CVE-2019-20916 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...

SUSE-SU-2020:3599-1 Security update for python-pip

This update for python-pip fixes the following issues: - Add wheel subpackage with the generated wheel for this package bsc1176262, CVE-2019-20916. - Make wheel a separate build run to avoid the setuptools/wheel build cycle...

EulerOS 2.0 SP9 : python-pip (EulerOS-SA-2020-2490)

According to the version of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition head...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2020-2503)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2020-2490)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python-pip (EulerOS-SA-2020-2503)

According to the version of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition head...

SUSE-SU-2020:3565-1 Security update for python-pip

This update for python-pip fixes the following issues: - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916...

Oracle Linux 8 : python-pip (ELSA-2020-4432)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4432 advisory. 9.0.3-18 - Patch for pip install allow directory traversal, leading to arbitrary file write Resolves: rhbz1868016 9.0.3-17 - Remove unused CA bundle from the...

python-pip security update

9.0.3-18 - Patch for pip install allow directory traversal, leading to arbitrary file write Resolves: rhbz1868016 9.0.3-17 - Remove unused CA bundle from the bundled requests library Resolves: rhbz1775200...

Moderate: Red Hat Security Advisory: python-pip security update

An update for python-pip is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 8 : python-pip (RHSA-2020:4432)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4432 advisory. pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package...