Pyshop
1 CVEs
product
Monthly
pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.
RCE
Pyshop
NVD
GitHub
CVSS 2.0
6.8
EPSS
0.5%
CVE-2013-1630
PyPI
EPSS 1%
CVSS 6.8
MEDIUM
PATCH
This Month
pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.
RCE
Pyshop
NVD
GitHub