QwikSec

Security Database

CVE

CWE

Training

CVE-2021-3572

Published: Nov 10, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1.

Vendor	Product	Versions
n/a	python-pip	affected `fixed in python-pip 21.1`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=1962856

https://www.oracle.com/security-alerts/cpuapr2022.html

https://www.oracle.com/security-alerts/cpujul2022.html

https://security.netapp.com/advisory/ntap-20240621-0006/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.