pip@21.1.1 vulnerabilities
The PyPA recommended tool for installing Python packages.
-
latest version
24.0
-
latest non vulnerable version
-
first published
16 years ago
-
latest version published
3 months ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the pip package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Arbitrary Command Injection when installing a package from a Mercurial VCS URL. An attacker can inject arbitrary configuration options to the How to fix Arbitrary Command Injection? Upgrade |
[,23.3)
|