Sunday, September 26, 2021

Huawei EulerOS: CVE-2021-3572: python-pip security update

Description
Affected versions of this package are vulnerable to Improper Input Validation. Splitting on unicode separators in git references could be maliciously used to install a different revision on the repository.
Solution(s)
  • huawei-euleros-2_0_sp8-upgrade-python-pip-wheel
  • huawei-euleros-2_0_sp8-upgrade-python2-pip
  • huawei-euleros-2_0_sp8-upgrade-python3-pip


  • References
  • https://attackerkb.com/topics/cve-2021-3572
  • CVE - 2021-3572
  • EulerOS-SA-2021-2484




  •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore