VYPR

rpm package

almalinux/python3.11-pip-wheel

pkg:rpm/almalinux/python3.11-pip-wheel

Vulnerabilities (1)

  • CVE-2007-4559CriAug 28, 2007
    affected < 22.3.1-4.el9fixed 22.3.1-4.el9

    Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.