Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/pip@19.0
Typepypi
Namespace
Namepip
Version19.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version26.1.2
Latest_non_vulnerable_version26.1.2
Affected_by_vulnerabilities
0
url VCID-2yeg-n7ac-nbcp
vulnerability_id VCID-2yeg-n7ac-nbcp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1703.json
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1703.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1703
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.09122
published_at 2026-06-11T12:55:00Z
1
value 0.0003
scoring_system epss
scoring_elements 0.09179
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1703
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1703
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1703
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/pip
reference_id
reference_type
scores
0
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip
5
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ
reference_id
reference_type
scores
0
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126875
reference_id 1126875
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126875
7
reference_url https://github.com/pypa/pip/pull/13777
reference_id 13777
reference_type
scores
0
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-02T17:21:09Z/
url https://github.com/pypa/pip/pull/13777
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436000
reference_id 2436000
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436000
9
reference_url https://github.com/pypa/pip/commit/8e227a9be4faa9594e05d02ca05a413a2a4e7735
reference_id 8e227a9be4faa9594e05d02ca05a413a2a4e7735
reference_type
scores
0
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-02T17:21:09Z/
url https://github.com/pypa/pip/commit/8e227a9be4faa9594e05d02ca05a413a2a4e7735
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1703
reference_id CVE-2026-1703
reference_type
scores
0
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1703
11
reference_url https://github.com/advisories/GHSA-6vgw-5pg2-w6jp
reference_id GHSA-6vgw-5pg2-w6jp
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6vgw-5pg2-w6jp
12
reference_url https://access.redhat.com/errata/RHSA-2026:7610
reference_id RHSA-2026:7610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7610
13
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ/
reference_id WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ
reference_type
scores
0
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-02T17:21:09Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ/
fixed_packages
0
url pkg:pypi/pip@26.0
purl pkg:pypi/pip@26.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9vsa-n12m-83az
1
vulnerability VCID-mfyn-s6qq-h3cz
2
vulnerability VCID-n44w-mvu1-3fax
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pip@26.0
aliases CVE-2026-1703, GHSA-6vgw-5pg2-w6jp
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2yeg-n7ac-nbcp
1
url VCID-6vjx-86ky-jyb5
vulnerability_id VCID-6vjx-86ky-jyb5
summary
references
0
reference_url https://access.redhat.com/errata/RHSA-2021:3254
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3254
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3572.json
reference_id
reference_type
scores
0
value 4.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3572.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3572
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47294
published_at 2026-06-11T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47435
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3572
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1962856
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1962856
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2021-437.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2021-437.yaml
7
reference_url https://github.com/pypa/pip
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip
8
reference_url https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
9
reference_url https://github.com/pypa/pip/pull/9827
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/pull/9827
10
reference_url https://packetstormsecurity.com/files/162712/USN-4961-1.txt
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/162712/USN-4961-1.txt
11
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
12
reference_url https://security.archlinux.org/AVG-2036
reference_id AVG-2036
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2036
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3572
reference_id CVE-2021-3572
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3572
14
reference_url https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
reference_id GHSA-5xp3-jfq3-5q8x
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
15
reference_url https://access.redhat.com/errata/RHSA-2021:4160
reference_id RHSA-2021:4160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4160
16
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
17
reference_url https://access.redhat.com/errata/RHSA-2021:4455
reference_id RHSA-2021:4455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4455
18
reference_url https://usn.ubuntu.com/USN-4961-2/
reference_id USN-USN-4961-2
reference_type
scores
url https://usn.ubuntu.com/USN-4961-2/
fixed_packages
0
url pkg:pypi/pip@21.1
purl pkg:pypi/pip@21.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yeg-n7ac-nbcp
1
vulnerability VCID-9vsa-n12m-83az
2
vulnerability VCID-mfyn-s6qq-h3cz
3
vulnerability VCID-n44w-mvu1-3fax
4
vulnerability VCID-wg19-5rpa-8kd8
5
vulnerability VCID-yt6s-kv29-uuau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pip@21.1
aliases CVE-2021-3572, GHSA-5xp3-jfq3-5q8x, PYSEC-2021-437
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6vjx-86ky-jyb5
2
url VCID-9vsa-n12m-83az
vulnerability_id VCID-9vsa-n12m-83az
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6357.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6357.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6357
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04363
published_at 2026-06-11T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04368
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6357
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6357
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6357
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/pip
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip
5
reference_url https://github.com/pypa/pip/commit/b369bfc96cc524e00c267e1693290e6599c36bad
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/commit/b369bfc96cc524e00c267e1693290e6599c36bad
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-6357
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-6357
7
reference_url http://www.openwall.com/lists/oss-security/2026/04/27/7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/27/7
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135110
reference_id 1135110
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135110
9
reference_url https://github.com/pypa/pip/pull/13923
reference_id 13923
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T16:08:15Z/
url https://github.com/pypa/pip/pull/13923
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2463234
reference_id 2463234
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2463234
11
reference_url https://github.com/advisories/GHSA-jp4c-xjxw-mgf9
reference_id GHSA-jp4c-xjxw-mgf9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jp4c-xjxw-mgf9
12
reference_url https://ichard26.github.io/blog/2026/04/whats-new-in-pip-26.1/#security-fixes
reference_id #security-fixes
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-27T16:08:15Z/
url https://ichard26.github.io/blog/2026/04/whats-new-in-pip-26.1/#security-fixes
fixed_packages
0
url pkg:pypi/pip@26.1
purl pkg:pypi/pip@26.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n44w-mvu1-3fax
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pip@26.1
aliases CVE-2026-6357, GHSA-jp4c-xjxw-mgf9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9vsa-n12m-83az
3
url VCID-dhh9-2pp2-bqcm
vulnerability_id VCID-dhh9-2pp2-bqcm
summary The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00005.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00005.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00010.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00010.html
2
reference_url https://github.com/gzpan123/pip/commit/a4c735b14a62f9cb864533808ac63936704f2ace
reference_id
reference_type
scores
url https://github.com/gzpan123/pip/commit/a4c735b14a62f9cb864533808ac63936704f2ace
3
reference_url https://github.com/pypa/pip/compare/19.1.1...19.2
reference_id
reference_type
scores
url https://github.com/pypa/pip/compare/19.1.1...19.2
4
reference_url https://github.com/pypa/pip/issues/6413
reference_id
reference_type
scores
url https://github.com/pypa/pip/issues/6413
5
reference_url https://lists.debian.org/debian-lts-announce/2020/09/msg00010.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/09/msg00010.html
fixed_packages
0
url pkg:pypi/pip@19.2
purl pkg:pypi/pip@19.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yeg-n7ac-nbcp
1
vulnerability VCID-6vjx-86ky-jyb5
2
vulnerability VCID-9vsa-n12m-83az
3
vulnerability VCID-mfyn-s6qq-h3cz
4
vulnerability VCID-n44w-mvu1-3fax
5
vulnerability VCID-wg19-5rpa-8kd8
6
vulnerability VCID-yt6s-kv29-uuau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pip@19.2
aliases PYSEC-2020-192
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dhh9-2pp2-bqcm
4
url VCID-jywv-34a4-4fbz
vulnerability_id VCID-jywv-34a4-4fbz
summary
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00005.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00005.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00010.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00010.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20916.json
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20916.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20916
reference_id
reference_type
scores
0
value 0.00622
scoring_system epss
scoring_elements 0.70677
published_at 2026-06-12T12:55:00Z
1
value 0.00622
scoring_system epss
scoring_elements 0.70587
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20916
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20916
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-gpvv-69j7-gwj8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gpvv-69j7-gwj8
7
reference_url https://github.com/gzpan123/pip/commit/a4c735b14a62f9cb864533808ac63936704f2ace
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/gzpan123/pip/commit/a4c735b14a62f9cb864533808ac63936704f2ace
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2020-173.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2020-173.yaml
9
reference_url https://github.com/pypa/pip
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip
10
reference_url https://github.com/pypa/pip/compare/19.1.1...19.2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/compare/19.1.1...19.2
11
reference_url https://github.com/pypa/pip/issues/6413
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/issues/6413
12
reference_url https://lists.debian.org/debian-lts-announce/2020/09/msg00010.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/09/msg00010.html
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-20916
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-20916
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1868135
reference_id 1868135
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1868135
15
reference_url https://access.redhat.com/errata/RHSA-2020:4273
reference_id RHSA-2020:4273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4273
16
reference_url https://access.redhat.com/errata/RHSA-2020:4285
reference_id RHSA-2020:4285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4285
17
reference_url https://access.redhat.com/errata/RHSA-2020:4432
reference_id RHSA-2020:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4432
18
reference_url https://access.redhat.com/errata/RHSA-2020:4654
reference_id RHSA-2020:4654
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4654
19
reference_url https://access.redhat.com/errata/RHSA-2022:5234
reference_id RHSA-2022:5234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5234
20
reference_url https://usn.ubuntu.com/4601-1/
reference_id USN-4601-1
reference_type
scores
url https://usn.ubuntu.com/4601-1/
fixed_packages
0
url pkg:pypi/pip@19.2
purl pkg:pypi/pip@19.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yeg-n7ac-nbcp
1
vulnerability VCID-6vjx-86ky-jyb5
2
vulnerability VCID-9vsa-n12m-83az
3
vulnerability VCID-mfyn-s6qq-h3cz
4
vulnerability VCID-n44w-mvu1-3fax
5
vulnerability VCID-wg19-5rpa-8kd8
6
vulnerability VCID-yt6s-kv29-uuau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pip@19.2
aliases CVE-2019-20916, GHSA-gpvv-69j7-gwj8, PYSEC-2020-173
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jywv-34a4-4fbz
5
url VCID-mfyn-s6qq-h3cz
vulnerability_id VCID-mfyn-s6qq-h3cz
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3219.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3219.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3219
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.05204
published_at 2026-06-11T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.05217
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3219
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3219
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/pip
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip
5
reference_url https://github.com/pypa/pip/issues/13867
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/issues/13867
6
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/QAJ5JIVWWCAJ4EZL2FP5MOOW35JS7LRJ
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://mail.python.org/archives/list/security-announce@python.org/thread/QAJ5JIVWWCAJ4EZL2FP5MOOW35JS7LRJ
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-3219
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-3219
8
reference_url http://www.openwall.com/lists/oss-security/2026/04/20/8
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/20/8
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134492
reference_id 1134492
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134492
10
reference_url https://github.com/pypa/pip/pull/13870
reference_id 13870
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-20T16:03:20Z/
url https://github.com/pypa/pip/pull/13870
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2459774
reference_id 2459774
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2459774
12
reference_url https://github.com/advisories/GHSA-58qw-9mgm-455v
reference_id GHSA-58qw-9mgm-455v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-58qw-9mgm-455v
13
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/QAJ5JIVWWCAJ4EZL2FP5MOOW35JS7LRJ/
reference_id QAJ5JIVWWCAJ4EZL2FP5MOOW35JS7LRJ
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-20T16:03:20Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/QAJ5JIVWWCAJ4EZL2FP5MOOW35JS7LRJ/
14
reference_url https://access.redhat.com/errata/RHSA-2026:20074
reference_id RHSA-2026:20074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20074
fixed_packages
0
url pkg:pypi/pip@26.1
purl pkg:pypi/pip@26.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n44w-mvu1-3fax
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pip@26.1
aliases CVE-2026-3219, GHSA-58qw-9mgm-455v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mfyn-s6qq-h3cz
6
url VCID-n44w-mvu1-3fax
vulnerability_id VCID-n44w-mvu1-3fax
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8643.json
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8643.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-8643
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07381
published_at 2026-06-11T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0742
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-8643
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8643
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8643
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.openwall.com/lists/oss-security/2026/06/01/5
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url http://www.openwall.com/lists/oss-security/2026/06/01/5
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138220
reference_id 1138220
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138220
6
reference_url https://github.com/pypa/pip/pull/14000
reference_id 14000
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 4.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-01T18:57:40Z/
url https://github.com/pypa/pip/pull/14000
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460927
reference_id 2460927
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460927
8
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/YV63UET5D3OOJY7O4M5XCVYO2YM4NBYJ/
reference_id YV63UET5D3OOJY7O4M5XCVYO2YM4NBYJ
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 4.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-01T18:57:40Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/YV63UET5D3OOJY7O4M5XCVYO2YM4NBYJ/
fixed_packages
0
url pkg:pypi/pip@26.1.2
purl pkg:pypi/pip@26.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pip@26.1.2
aliases CVE-2026-8643, PYSEC-2026-196
risk_score 3.6
exploitability 0.5
weighted_severity 7.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n44w-mvu1-3fax
7
url VCID-wg19-5rpa-8kd8
vulnerability_id VCID-wg19-5rpa-8kd8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5752.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5752
reference_id
reference_type
scores
0
value 0.00075
scoring_system epss
scoring_elements 0.22692
published_at 2026-06-11T12:55:00Z
1
value 0.00075
scoring_system epss
scoring_elements 0.22888
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5752
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5752
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-mq26-g339-26xf
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mq26-g339-26xf
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2023-228.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2023-228.yaml
6
reference_url https://github.com/pypa/pip
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip
7
reference_url https://github.com/pypa/pip/commit/389cb799d0da9a840749fcd14878928467ed49b4
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/commit/389cb799d0da9a840749fcd14878928467ed49b4
8
reference_url https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/622OZXWG72ISQPLM5Y57YCVIMWHD4C3U
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/622OZXWG72ISQPLM5Y57YCVIMWHD4C3U
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXUVMJM25PUAZRQZBF54OFVKTY3MINPW
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXUVMJM25PUAZRQZBF54OFVKTY3MINPW
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ
14
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5752
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5752
16
reference_url https://github.com/pypa/pip/pull/12306
reference_id 12306
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T13:38:11Z/
url https://github.com/pypa/pip/pull/12306
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2250765
reference_id 2250765
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2250765
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/622OZXWG72ISQPLM5Y57YCVIMWHD4C3U/
reference_id 622OZXWG72ISQPLM5Y57YCVIMWHD4C3U
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T13:38:11Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/622OZXWG72ISQPLM5Y57YCVIMWHD4C3U/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH/
reference_id 65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T13:38:11Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH/
20
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL/
reference_id F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T13:38:11Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXUVMJM25PUAZRQZBF54OFVKTY3MINPW/
reference_id FXUVMJM25PUAZRQZBF54OFVKTY3MINPW
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T13:38:11Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXUVMJM25PUAZRQZBF54OFVKTY3MINPW/
22
reference_url https://security.gentoo.org/glsa/202501-03
reference_id GLSA-202501-03
reference_type
scores
url https://security.gentoo.org/glsa/202501-03
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E/
reference_id KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T13:38:11Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E/
24
reference_url https://access.redhat.com/errata/RHSA-2024:3781
reference_id RHSA-2024:3781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3781
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ/
reference_id YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T13:38:11Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ/
fixed_packages
0
url pkg:pypi/pip@23.3
purl pkg:pypi/pip@23.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yeg-n7ac-nbcp
1
vulnerability VCID-9vsa-n12m-83az
2
vulnerability VCID-mfyn-s6qq-h3cz
3
vulnerability VCID-n44w-mvu1-3fax
4
vulnerability VCID-yt6s-kv29-uuau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pip@23.3
aliases CVE-2023-5752, GHSA-mq26-g339-26xf, PYSEC-2023-228
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wg19-5rpa-8kd8
8
url VCID-yt6s-kv29-uuau
vulnerability_id VCID-yt6s-kv29-uuau
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8869.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8869.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8869
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08876
published_at 2026-06-11T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08918
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8869
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8869
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/pip
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip
5
reference_url https://github.com/pypa/pip/commit/f2b92314da012b9fffa36b3f3e67748a37ef464a
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/commit/f2b92314da012b9fffa36b3f3e67748a37ef464a
6
reference_url https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html
7
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN
8
reference_url https://pip.pypa.io/en/stable/news/#v25-2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pip.pypa.io/en/stable/news/#v25-2
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116336
reference_id 1116336
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116336
10
reference_url https://github.com/pypa/pip/pull/13550
reference_id 13550
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-16T19:47:29Z/
url https://github.com/pypa/pip/pull/13550
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2397852
reference_id 2397852
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2397852
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-8869
reference_id CVE-2025-8869
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-8869
13
reference_url https://github.com/advisories/GHSA-4xh5-x5gv-qwph
reference_id GHSA-4xh5-x5gv-qwph
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4xh5-x5gv-qwph
14
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/
reference_id IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-16T19:47:29Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/
fixed_packages
0
url pkg:pypi/pip@25.3
purl pkg:pypi/pip@25.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yeg-n7ac-nbcp
1
vulnerability VCID-9vsa-n12m-83az
2
vulnerability VCID-mfyn-s6qq-h3cz
3
vulnerability VCID-n44w-mvu1-3fax
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pip@25.3
aliases CVE-2025-8869, GHSA-4xh5-x5gv-qwph
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yt6s-kv29-uuau
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/pip@19.0