ID:

CVE-2013-5123 (NVD)

- Vulnerability Info (edit)
2019-11-05

The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.