7 matches found
Low: python3.11-pip
Issue Overview: When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical...
CVE-2026-1703 affecting package python-pip for versions less than 24.2-6
CVE-2026-1703 affecting package python-pip for versions less than 24.2-6. A patched version of the package is available...
SUSE: Security Advisory (SUSE-SU-2026:20423-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python311-pip-26.0.1-1.1 on GA media (moderate)
python311-pip-26.0.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10210-1 Rating: moderate Cross-References: CVE-2026-1703 CVSS scores: CVE-2026-1703 SUSE : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-1703 SUSE : 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA...
CVE-2026-1703 vulnerabilities
Vulnerabilities for packages: pgadmin4-fips, kubeflow-katib, awx, py3-cassandra-medusa, graalvm, py3-virtualenv, datadog-agent, airflow, tensorflow-cpu-jupyter, localstack, dask-gateway, pypy-3.10, ansible-operator-fips, request-1276, ansible-operator, pgadmin4, datadog-agent-fips,...
BELL-CVE-2026-1703
Bulletin has no description...
DEBIAN-CVE-2026-1703
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...