Search CVE reports
1 – 3 of 3 results
Some fixes available 10 of 18
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be...
3 affected packages
python-pip, python-setuptools, setuptools
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-pip | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| python-setuptools | Not in release | Fixed | Fixed | Fixed |
| setuptools | Fixed | Fixed | Fixed | — |
A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or...
3 affected packages
python-pip, python-setuptools, setuptools
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-pip | Not affected | Not affected | Fixed | Fixed |
| python-setuptools | Not in release | Fixed | Fixed | Fixed |
| setuptools | Fixed | Fixed | Fixed | — |
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in...
3 affected packages
python-pip, python-setuptools, setuptools
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-pip | — | Fixed | Fixed | Fixed |
| python-setuptools | — | Fixed | Fixed | Fixed |
| setuptools | — | Fixed | Fixed | Not in release |