View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2014-8991 severity moderate: SUSE including 325 source package names (3.9.20-50.2:python39-pip-20.2.4-7.5.1, 3.9.20-50.2:python39-setuptools-44.1.1-7.3.1, …), 448 product×package rows across 79 product lines (Container bci/python, Container containers/python, … (79 product lines)): Known Affected 231, Fixed 159, Known Not Affected 58.
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.