rpm package
suse/python-setuptools&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-47273 | — | < 67.7.2-150400.3.19.1 | 67.7.2-150400.3.19.1 | May 17, 2025 | setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on | ||
| CVE-2024-6345 | Hig | 8.8 | < 67.7.2-150400.3.16.1 | 67.7.2-150400.3.16.1 | Jul 15, 2024 | A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are suscepti | |
| CVE-2023-30608 | — | < 67.7.2-150400.3.12.1 | 67.7.2-150400.3.12.1 | Apr 18, 2023 | sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of |
- CVE-2025-47273May 17, 2025affected < 67.7.2-150400.3.19.1fixed 67.7.2-150400.3.19.1
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on
- affected < 67.7.2-150400.3.16.1fixed 67.7.2-150400.3.16.1
A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are suscepti
- CVE-2023-30608Apr 18, 2023affected < 67.7.2-150400.3.12.1fixed 67.7.2-150400.3.12.1
sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of