NewStart CGSL MAIN 6.06 : python-pip Vulnerability (NS-SA-2025-0209)

The remote NewStart CGSL host, running version MAIN 6.06, has python-pip packages installed that are affected by a vulnerability: - pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory. CVE-2013-1888 Note that Ness...

NewStart CGSL MAIN 6.06 : python-pip Vulnerability (NS-SA-2025-0244)

The remote NewStart CGSL host, running version MAIN 6.06, has python-pip packages installed that are affected by a vulnerability: - Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote attackers to execute arbitrary cod...

Linux Distros Unpatched Vulnerability : CVE-2025-8869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that...

OESA-2025-2338 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 5 Summary: A...

OESA-2025-2337 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 5 Summary: A...

Fedora 41 : python-pip (2025-870a69fa85)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-870a69fa85 advisory. Security fix for the bundled urllib3 for CVE-2025-50181 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...

Fedora: Security Advisory (FEDORA-2025-870a69fa85)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

aaanalysis (>=0.1.2 <=1.0.0), aadetools (>=0.0.3 <=0.0.5) +538 more potentially affected by CVE-2025-8869 via pip (>=10.0.0b2 <=25.1.1)

pip PYPI version =10.0.0b2, =0.1.2, =0.0.3, =0.5.14, =0.1.1, =2.0.0, =0.2.1, =0.1.2, =0.0.1, =0.1.0, =0.1.10, =0.2.0, =0.68.0, =1.8.15, =1.8.17, =1.8.19 and more Source cves: CVE-2025-8869 Source advisory: SNYK:PYTHON-PIP-13045331...

Ubuntu: Security Advisory (USN-7762-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-20250924-01

The vulnerability of the pip module of the Python programming language is related to the failure to clean data at the control layer. Exploitation of the vulnerability could allow an attacker to change the repository configuration...

OESA-2025-2317 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 3 Summary: A...

Fedora 42 : python-pip (2025-6d50efcd0c)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6d50efcd0c advisory. Security fix for the bundled urllib3 for CVE-2025-50181 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...

Fedora: Security Advisory (FEDORA-2025-6d50efcd0c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2025-2175 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 3 Summary: A...

OESA-2025-2173 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 3 Summary: A...

ROOT-OS-DEBIAN-12-CVE-2018-20225 CVE-2018-20225 in rootio-python-pip - Patched by Root

Root has patched CVE-2018-20225 in the rootio-python-pip package for Root:Debian:12. Multiple fixed versions available...

OESA-2025-1979 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 3 Summary: A...

Medium: python3.11-pip

Issue Overview: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc...

Medium: python-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An...

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2025-1096)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1096 advisory. urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disab...