vulnerability

Red Hat: CVE-2021-3572: CVE-2021-3572 python-pip: Incorrect handling of unicode separators in git references (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	2021-11-09	2021-11-10	2023-12-15

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

2021-11-09

Added

2021-11-10

Modified

2023-12-15

Description

A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1.

Solution(s)

redhat-upgrade-cython-debugsourceredhat-upgrade-numpy-debugsourceredhat-upgrade-platform-python-pipredhat-upgrade-python-cffi-debugsourceredhat-upgrade-python-cryptography-debugsourceredhat-upgrade-python-lxml-debugsourceredhat-upgrade-python-markupsafe-debugsourceredhat-upgrade-python-psutil-debugsourceredhat-upgrade-python-psycopg2-debugsourceredhat-upgrade-python3-pipredhat-upgrade-python3-pip-wheelredhat-upgrade-python38redhat-upgrade-python38-asn1cryptoredhat-upgrade-python38-atomicwritesredhat-upgrade-python38-attrsredhat-upgrade-python38-babelredhat-upgrade-python38-cffiredhat-upgrade-python38-cffi-debuginforedhat-upgrade-python38-chardetredhat-upgrade-python38-cryptographyredhat-upgrade-python38-cryptography-debuginforedhat-upgrade-python38-cythonredhat-upgrade-python38-cython-debuginforedhat-upgrade-python38-debugredhat-upgrade-python38-debuginforedhat-upgrade-python38-debugsourceredhat-upgrade-python38-develredhat-upgrade-python38-idleredhat-upgrade-python38-idnaredhat-upgrade-python38-jinja2redhat-upgrade-python38-libsredhat-upgrade-python38-lxmlredhat-upgrade-python38-lxml-debuginforedhat-upgrade-python38-markupsaferedhat-upgrade-python38-markupsafe-debuginforedhat-upgrade-python38-mod_wsgiredhat-upgrade-python38-more-itertoolsredhat-upgrade-python38-numpyredhat-upgrade-python38-numpy-debuginforedhat-upgrade-python38-numpy-docredhat-upgrade-python38-numpy-f2pyredhat-upgrade-python38-packagingredhat-upgrade-python38-pipredhat-upgrade-python38-pip-wheelredhat-upgrade-python38-pluggyredhat-upgrade-python38-plyredhat-upgrade-python38-psutilredhat-upgrade-python38-psutil-debuginforedhat-upgrade-python38-psycopg2redhat-upgrade-python38-psycopg2-debuginforedhat-upgrade-python38-psycopg2-docredhat-upgrade-python38-psycopg2-testsredhat-upgrade-python38-pyredhat-upgrade-python38-pycparserredhat-upgrade-python38-pymysqlredhat-upgrade-python38-pyparsingredhat-upgrade-python38-pysocksredhat-upgrade-python38-pytestredhat-upgrade-python38-pytzredhat-upgrade-python38-pyyamlredhat-upgrade-python38-pyyaml-debuginforedhat-upgrade-python38-requestsredhat-upgrade-python38-rpm-macrosredhat-upgrade-python38-scipyredhat-upgrade-python38-scipy-debuginforedhat-upgrade-python38-setuptoolsredhat-upgrade-python38-setuptools-wheelredhat-upgrade-python38-sixredhat-upgrade-python38-testredhat-upgrade-python38-tkinterredhat-upgrade-python38-urllib3redhat-upgrade-python38-wcwidthredhat-upgrade-python38-wheelredhat-upgrade-python38-wheel-wheelredhat-upgrade-python39redhat-upgrade-python39-attrsredhat-upgrade-python39-cffiredhat-upgrade-python39-cffi-debuginforedhat-upgrade-python39-chardetredhat-upgrade-python39-cryptographyredhat-upgrade-python39-cryptography-debuginforedhat-upgrade-python39-cythonredhat-upgrade-python39-cython-debuginforedhat-upgrade-python39-debugredhat-upgrade-python39-debuginforedhat-upgrade-python39-debugsourceredhat-upgrade-python39-develredhat-upgrade-python39-idleredhat-upgrade-python39-idnaredhat-upgrade-python39-iniconfigredhat-upgrade-python39-libsredhat-upgrade-python39-lxmlredhat-upgrade-python39-lxml-debuginforedhat-upgrade-python39-mod_wsgiredhat-upgrade-python39-more-itertoolsredhat-upgrade-python39-numpyredhat-upgrade-python39-numpy-debuginforedhat-upgrade-python39-numpy-docredhat-upgrade-python39-numpy-f2pyredhat-upgrade-python39-packagingredhat-upgrade-python39-pipredhat-upgrade-python39-pip-wheelredhat-upgrade-python39-pluggyredhat-upgrade-python39-plyredhat-upgrade-python39-psutilredhat-upgrade-python39-psutil-debuginforedhat-upgrade-python39-psycopg2redhat-upgrade-python39-psycopg2-debuginforedhat-upgrade-python39-psycopg2-docredhat-upgrade-python39-psycopg2-testsredhat-upgrade-python39-pyredhat-upgrade-python39-pybind11redhat-upgrade-python39-pybind11-develredhat-upgrade-python39-pycparserredhat-upgrade-python39-pymysqlredhat-upgrade-python39-pyparsingredhat-upgrade-python39-pysocksredhat-upgrade-python39-pytestredhat-upgrade-python39-pyyamlredhat-upgrade-python39-pyyaml-debuginforedhat-upgrade-python39-requestsredhat-upgrade-python39-rpm-macrosredhat-upgrade-python39-scipyredhat-upgrade-python39-scipy-debuginforedhat-upgrade-python39-setuptoolsredhat-upgrade-python39-setuptools-wheelredhat-upgrade-python39-sixredhat-upgrade-python39-testredhat-upgrade-python39-tkinterredhat-upgrade-python39-tomlredhat-upgrade-python39-urllib3redhat-upgrade-python39-wcwidthredhat-upgrade-python39-wheelredhat-upgrade-python39-wheel-wheelredhat-upgrade-pyyaml-debugsourceredhat-upgrade-scipy-debugsource

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today