Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

21 – 24 of 24 results


CVE-2018-18074

Medium priority

Some fixes available 15 of 16

The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing...

2 affected packages

python-pip, requests

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-pip Not affected Not affected Not affected Fixed Vulnerable
requests Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2014-8991

Low priority
Ignored

pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.

1 affected packages

python-pip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-pip Not affected Not affected
Show less packages

CVE-2013-1888

Low priority
Ignored

pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.

1 affected packages

python-pip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-pip Not affected
Show less packages

CVE-2013-1629

Medium priority
Ignored

pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip...

2 affected packages

python-pip, python-virtualenv

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-pip Not affected Not affected
python-virtualenv Not affected Not affected
Show less packages