Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 2 of 2 results

CVE-2024-6345

Medium priority
Fixed

A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or...

3 affected packages

python-pip, python-setuptools, setuptools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-pip Not affected Not affected Fixed Fixed Fixed
python-setuptools Not in release Fixed Fixed Fixed Fixed
setuptools Fixed Fixed Fixed
Show less packages

CVE-2022-40897

Medium priority
Fixed

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in...

3 affected packages

python-pip, python-setuptools, setuptools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-pip Fixed Fixed Fixed Fixed
python-setuptools Fixed Fixed Fixed Fixed
setuptools Fixed Fixed Not in release Not in release
Show less packages