Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2021-3572

Disclosure Date: November 10, 2021
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Products

  • python-pip

Additional Info

Technical Analysis