pip
The PyPA recommended tool for installing Python packages.
Security Advisories for pip in pypi
Moderate
29 days ago
pip's fallback tar extraction doesn't check symbolic links point to extraction directory
pypi
pip