MidnightBSD

Advisories for guillaume_gauvrit

CVE-2013-1630 MEDIUM

pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a download operation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
guillaume_gauvrit pyshop 0.6
guillaume_gauvrit pyshop 0.2
guillaume_gauvrit pyshop 0.4
guillaume_gauvrit pyshop *
guillaume_gauvrit pyshop 0.3
guillaume_gauvrit pyshop 0.1
guillaume_gauvrit pyshop 0.5