CVE-2013-5123 (NVD)- Vulnerability Info (edit)
The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.
|Products||Debian_linux, Fedora, Pip, Openshift, Software_collections, Virtualenv|
Improper Authentication (CWE-287)
|First patch||- None (likely due to unavailable code)|
No patch was assigned yet.