Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Mageia 9: MGASA-2025-0055 moderate: python-pip configuration injection

mageia
Calendar Grey February 12, 2025
Dist Mageia Esm H88
MGASA-2025-0060 upgrades python-pip to resolve cross-site scripting vulnerability. Discover additional details regarding this security notice.
Mercurial configuration injectable in repo revision when installing via pip

Summary

Mercurial configuration injectable in repo revision when installing via pip. (CVE-2023-5752)

References

- https://bugs.mageia.org/show_bug.cgi?id=33542

-

- https://www.cve.org/CVERecord?id=CVE-2023-5752

Topics%20covered

Topics Covered

security advisory package update moderate severity Mageia python-pip Mercurial configuration injection

Resolution

SRPMS

- 9/core/python-pip-23.0.1-1.1.mga9

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 12 Feb 2025
URL: https://advisories.mageia.org/MGASA-2025-0055.html
Type: security
CVE: CVE-2023-5752

Topics%20covered

Topics Covered

security advisory package update moderate severity Mageia python-pip Mercurial configuration injection

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here