|Link||package | bugs open | bugs closed | Wiki | GitHub | web search|
|Description||The PyPA recommended tool for installing Python packages|
A security issue has been found in pip before version 21.1. Maliciously formatted tags could be used to hijack a commit-based pin. Using the fact that all...
|CVE-2018-20225||AVG-1153||Low||Yes||Arbitrary code execution||
An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a...