OSV - Open Source Vulnerabilities

GHSA-6vgw-5pg2-w6jp

PyPI/pip

pip Path Traversal vulnerability

02 Feb

Fix available
Severity - 2.0 (Low)

GHSA-4xh5-x5gv-qwph

PyPI/pip

pip's fallback tar extraction doesn't check symbolic links point to extraction directory

24 Sep 2025

Fix available
Severity - 5.9 (Medium)

MAL-2025-41700

PyPI/malicious-pip-package-for-demo

Malicious code in malicious-pip-package-for-demo (PyPI)

28 Aug 2025

No fix available

MAL-2024-11597

PyPI/frexco-pip-requests

Malicious code in frexco-pip-requests (PyPI)

09 Dec 2024

No fix available

MAL-2024-11575

PyPI/dftester-pip

Malicious code in dftester-pip (PyPI)

27 Nov 2024

No fix available

MAL-2024-10105

PyPI/popeye-pip-v3

Malicious code in popeye-pip-v3 (PyPI)

22 Jul 2024

No fix available

MAL-2024-5483

PyPI/pip-rce

Malicious code in pip-rce (PyPI)

25 Jun 2024

No fix available

MAL-2024-5484

PyPI/pip-remote-access-test

Malicious code in pip-remote-access-test (PyPI)

25 Jun 2024

No fix available

MAL-2024-5482

PyPI/pip-goodthing

Malicious code in pip-goodthing (PyPI)

25 Jun 2024

No fix available

MAL-2024-5343

PyPI/malicious-pip-package-for-democdf

Malicious code in malicious-pip-package-for-democdf (PyPI)

25 Jun 2024

No fix available

MAL-2024-5042

PyPI/dero-pip

Malicious code in dero-pip (PyPI)

25 Jun 2024

No fix available

GHSA-mq26-g339-26xf

PyPI/pip

Command Injection in pip when used with Mercurial

25 Oct 2023

Fix available
Severity - 6.8 (Medium)

PYSEC-2023-228

PyPI/pip

See record for full details

25 Oct 2023

Fix available
Severity - 3.3 (Low)

MAL-2023-1388

PyPI/print-pip

Malicious code in print-pip (PyPI)

20 May 2023

No fix available

GHSA-c5h8-cq4v-cvfm

PyPI/pip

Improper Authentication in pip

24 May 2022

Fix available
Severity - 8.2 (High)

GHSA-4gv5-qhvr-36vv

PyPI/pip

Improper Link Resolution Before File Access in pip

13 May 2022

Fix available
Severity - 6.9 (Medium)

Load more...(1 page left)