958 matches found
DLA-4183-1 setuptools - security update
Bulletin has no description...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:01715-1 Security update for python-setuptools
This update for python-setuptools fixes the following issues: - CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313...
SUSE SLES15 / openSUSE 15 Security Update : python310-setuptools (SUSE-SU-2025:01709-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:01709-1 advisory. - CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Tenable has extract...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-setuptools (SUSE-SU-2025:01704-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01704-1 advisory. - CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313...
Security update for python310-setuptools
This update for python310-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Directory Traversal
setuptools is vulnerable to Directory Traversal. The vulnerability is due to improper input validation in the PackageIndex component allowing arbitrary file writes to the filesystem, potentially leading to remote code execution...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:01704-1 Security update for python-setuptools
This update for python-setuptools fixes the following issues: - CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313...
SUSE: Security Advisory (SUSE-SU-2025:01693-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:01695-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : python36-setuptools (SUSE-SU-2025:01693-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01693-1 advisory. - CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Tenable has extracted the preceding...
SUSE SLES12 Security Update : python-setuptools (SUSE-SU-2025:01695-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01695-1 advisory. - CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Tenable has extracted the precedi...
SUSE-SU-2025:01695-1 Security update for python-setuptools
This update for python-setuptools fixes the following issues: - CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313...
Security update for python36-setuptools
This update for python36-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:01693-1 Security update for python36-setuptools
This update for python36-setuptools fixes the following issues: - CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313...
SUSE CVE-2025-47273
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in PackageIndex is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with...
aaiopay (>=0.2.1 <=0.2.2), abc-xml-converter (>=1.0.0 <=1.0.1) +4009 more potentially affected by CVE-2025-47273 via setuptools (>=15.2.0 <=78.1.0)
setuptools PYPI version =15.2.0, =0.2.1, =1.0.0, =0.0.1, =0.1.18, =0.0.1, =0.1.0, =0.1.0, =0.2.6, =0.0.1, =1.6.0, =3.0.1 and more Source cves: CVE-2025-47273 Source advisory: OSV:GHSA-5RJG-FVGR-3XXF...
GHSA-5RJG-FVGR-3XXF setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write
Summary A path traversal vulnerability in PackageIndex was fixed in setuptools version 78.1.1 Details def downloadurlself, url, tmpdir: Determine download filename name, fragment = egginfoforurlurl if name: while '..' in name: name = name.replace'..', '.'.replace'\', '' else: name = "downloaded"...
setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write
Summary A path traversal vulnerability in PackageIndex was fixed in setuptools version 78.1.1 Details def downloadurlself, url, tmpdir: Determine download filename name, fragment = egginfoforurlurl if name: while '..' in name: name = name.replace'..', '.'.replace'\', '' else: name = "downloaded"...