Wind River Support Network

HomeDefectsLIN1025-15385
Acknowledged

LIN1025-15385 : Security Advisory - python3-pip - CVE-2026-8643

Created: Jun 2, 2026    Updated: Jun 4, 2026
Found In Version: 10.25.33.2
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Userspace

Description

pip would treat console_scripts and gui_scripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory.
  • Linkedin
  • Facebook
  • Twitter
  • Youtube