Expat 输入验证错误漏洞

Expat is a fast streaming XML parser written in C. A security vulnerability existed prior to Expat 2.4.5, which could be exploited by attackers to insert namespace separators into namespace URIs...

UBUNTU-CVE-2022-25236

xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...

AlmaLinux 8 : python-pip (ALSA-2021:4455)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4455 advisory. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different...

nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on...

openSUSE: Security Advisory for python-pip (openSUSE-SU-2021:4001-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Mageia: Security Advisory (MGASA-2021-0371)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: python-pip

Issue Overview: A flaw was found in python-urllib3. SSL certificate validation is omitted in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy if an SSLContext isn't given via proxyconfig doesn't verify the hostname of the certificate. This means certificates...

SUSE SLED15 / SLES15 Security Update : python39-pip (SUSE-SU-2022:0064-1)

The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:0064-1 advisory. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to...

SUSE SLES12 Security Update : python36-pip (SUSE-SU-2022:0060-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:0060-1 advisory. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue...

OPENSUSE-SU-2022:0064-1 Security update for python39-pip

This update for python39-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references bsc1186819...

SUSE-SU-2022:0064-1 Security update for python39-pip

This update for python39-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references bsc1186819...

SUSE-SU-2022:0060-1 Security update for python36-pip

This update for python36-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references bsc1186819...

Security update for python39-pip (moderate)

openSUSE Security Update: Security update for python39-pip Announcement ID: openSUSE-SU-2022:0064-1 Rating: moderate References: 1186819 Cross-References: CVE-2021-3572 CVSS scores: CVE-2021-3572 SUSE: 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N Affected Products: openSUSE Leap 15.3 An updat...

SUSE: Security Advisory (SUSE-SU-2021:4051-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:4051-1 Security update for python-pip

This update for python-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references bsc1186819...

SUSE SLED15 / SLES15 Security Update : python-pip (SUSE-SU-2021:4001-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:4001-1 advisory. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to...

SUSE SLED15 / SLES15 Security Update : python-pip (SUSE-SU-2021:4002-1)

The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:4002-1 advisory. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to...

OPENSUSE-SU-2021:4002-1 Security update for python-pip

This update for python-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references bsc1186819...

OPENSUSE-SU-2021:4001-1 Security update for python-pip

This update for python-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references bsc1186819...

SUSE-SU-2021:4001-1 Security update for python-pip

This update for python-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references bsc1186819...