2 matches found
Mercurial configuration injectable in repo revision when installing via pip
...
USN-4961-1: pip vulnerability
It was discovered that pip incorrectly handled unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository...