VYPR

rpm package

suse/python-pip&distro=SUSE Linux Enterprise Server 12 SP5

pkg:rpm/suse/python-pip&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Vulnerabilities (1)

  • CVE-2023-5752Oct 24, 2023
    affected < 10.0.1-13.14.1fixed 10.0.1-13.14.1

    When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can m