VYPR
High severityNVD Advisory· Published Nov 10, 2021· Updated Aug 3, 2024

CVE-2021-3572

CVE-2021-3572

Description

A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
pipPyPI
< 21.121.1

Affected products

182

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.