Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud Crowbar 8 package python-pip, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2019-20916 — CVSS 7.5 (high): The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition…
CVE-2021-3572 — CVSS 5.7 (medium): A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue…