Lucene search
K

7 matches found

Amazon
Amazon
added 2026/04/01 12:0 a.m.6 views

Low: python3.11-pip

Issue Overview: When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical...

2CVSS5.8AI score0.0039EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.4 views

CVE-2026-1703 affecting package python-pip for versions less than 24.2-6

CVE-2026-1703 affecting package python-pip for versions less than 24.2-6. A patched version of the package is available...

2CVSS5.8AI score0.0039EPSS
Exploits1
OpenVAS
OpenVAS
added 2026/02/20 12:0 a.m.5 views

SUSE: Security Advisory (SUSE-SU-2026:20423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2CVSS5.5AI score0.0039EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/17 12:0 a.m.3 views

python311-pip-26.0.1-1.1 on GA media (moderate)

python311-pip-26.0.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10210-1 Rating: moderate Cross-References: CVE-2026-1703 CVSS scores: CVE-2026-1703 SUSE : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-1703 SUSE : 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA...

3.1CVSS5.5AI score0.0039EPSS
Exploits1
Chainguard
Chainguard
added 2026/02/04 7:17 p.m.7 views

CVE-2026-1703 vulnerabilities

Vulnerabilities for packages: pgadmin4-fips, kubeflow-katib, awx, py3-cassandra-medusa, graalvm, py3-virtualenv, datadog-agent, airflow, tensorflow-cpu-jupyter, localstack, dask-gateway, pypy-3.10, ansible-operator-fips, request-1276, ansible-operator, pgadmin4, datadog-agent-fips,...

2CVSS6.4AI score0.0039EPSS
Exploits1
OSV
OSV
added 2026/02/03 6:8 a.m.7 views

BELL-CVE-2026-1703

Bulletin has no description...

2CVSS5.7AI score0.0039EPSS
Exploits1References1
OSV
OSV
added 2026/02/02 3:16 p.m.7 views

DEBIAN-CVE-2026-1703

When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...

2CVSS5.2AI score0.0039EPSS
Exploits1References1
Rows per page
Query Builder