pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...

python-setuptools security update

0.9.8-7.0.1 - Fixes CVE-2024-6345 security issue Orabug: 37054994...

RHEL 8 : fence-agents (RHSA-2024:8171)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8171 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...

RHEL 8 : resource-agents (RHSA-2024:8173)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8173 advisory. The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several service...

RHEL 8 : fence-agents (RHSA-2024:8170)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8170 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...

RHEL 8 : resource-agents (RHSA-2024:8179)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8179 advisory. The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several service...

CVE-2024-6345 affecting package python-setuptools for versions less than 69.0.3-4

CVE-2024-6345 affecting package python-setuptools for versions less than 69.0.3-4. A patched version of the package is available...

CVE-2024-6345

...

EulerOS 2.0 SP11 : python-setuptools (EulerOS-SA-2024-2592)

According to the versions of the python-setuptools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download...

Huawei EulerOS: Security Advisory for python-setuptools (EulerOS-SA-2024-2592)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : python-setuptools (EulerOS-SA-2024-2566)

According to the versions of the python-setuptools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download...

Huawei EulerOS: Security Advisory for python-setuptools (EulerOS-SA-2024-2566)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : python3-setuptools (ELSA-2024-6661)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-6661 advisory. 39.2.0-10.0.3 - Back port fix for CVE-2024-6345 Orabug: 37054771 Tenable has extracted the preceding description block directly from the Oracle Linux security...

python3-setuptools security update

39.2.0-10.0.3 - Back port fix for CVE-2024-6345 Orabug: 37054771...

Advisory ROSA-SA-2024-2499

Software: python-setuptools 39.2.0 OS: ROSA Virtualization 2.1 packageevrstring: python-setuptools-39.2.0-8.rv3 CVE-ID: CVE-2022-40897 BDU-ID: 2023-02445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Python Packaging Authority package installation tools is related to insufficient input...

Amazon Linux 2 : python-setuptools (ALAS-2024-2641)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2641 advisory. A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from...

Important: python-setuptools

Issue Overview: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptibl...

Amazon Linux 2 : python38-setuptools (ALASPYTHON3.8-2024-012)

The version of python38-setuptools installed on the remote host is prior to 38.4.0-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2PYTHON3.8-2024-012 advisory. A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code...

Important: python-setuptools

Issue Overview: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptibl...

Important: python38-setuptools

Issue Overview: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptibl...