Amazon Linux 2 : python38-setuptools (ALASPYTHON3.8-2023-003)

The version of python38-setuptools installed on the remote host is prior to 38.4.0-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2PYTHON3.8-2023-003 advisory. Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service...

Medium: python38-setuptools

Issue Overview: Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service ReDoS in packageindex.py. CVE-2022-40897 Affected Packages:...

Amazon Linux 2 : python-setuptools (ALAS-2023-2196)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2196 advisory. Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denia...

Medium: python-setuptools

Issue Overview: Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service ReDoS in packageindex.py. CVE-2022-40897 Affected Packages:...

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service due to [CVE-2022-40897]

Summary Python setuptools is present in the IBM App Connect Enterprise Certified Container operand images. Python setuptools is vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in Python setuptools. CVE-2022-40897 Vulnerability Detail...

Amazon Linux 2023 : python3-setuptools, python3-setuptools-wheel (ALAS2023-2023-245)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-245 advisory. Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression...

Medium: python-setuptools

Issue Overview: Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service ReDoS in packageindex.py. CVE-2022-40897 Affected Packages:...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multiple vulnerabilities in Python

Summary Potential vulnerabilities in Python have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. These vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2021-28861 DESCRIPTION: Python could allow a...

Mageia: Security Advisory (MGASA-2023-0219)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

python38:3.8 and python38-devel:3.8 security update

babel 2.7.0-11 - Fix CVE-2021-20095 Resolves: rhbz1955615 Cython 0.29.14-4 - Exclude unsupported i686 arch modwsgi 4.6.8-4 - Core dumped upon file upload = 1GB Resolves: rhbz2125171 numpy 1.17.3-6 - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz1933055 python38...

MGASA-2023-0219 Updated python-setuptools packages fix security vulnerability

Denial of service via crafted HTML CVE-2022-40897...

Updated python-setuptools packages fix security vulnerability

Denial of service via crafted HTML CVE-2022-40897...

Security Bulletin: A vulnerability in Pypa Setuptools may affect IBM Robotic Process Automation for Cloud Pak and result in a denial of service (CVE-2022-40897)

Summary Pypa Setuptools is used by IBM Robotic Process Automation for Cloud Pak as part of Watson NLP. CVE-2022-40897 Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a...

Security Bulletin: IBM Spectrum Discover is vulnerable to multiple vulnerabilities

Summary IBM has addressed multiple vulnerabilities in IBM Spectrum Discover. Webpack loader-utils CVE-2022-37601 is vulnerable to execute arbitrary code on the system caused by a pollution flaw in parseQuery function. OpenStack Keystone CVE-2021-3563 is vulnerable to bypass security restriction...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from libcurl, openssl, gnutls, libarchive and libsepol

Summary Multiple issues were identified in Red Hat UBI packages libcurl, openssl, gnutls, libarchive and libsepol that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details CVEID:CVE-2023-0286 DESCRIPTION: OpenSSL is vulnerable to a denial of...

EulerOS Virtualization 3.0.6.0 : python-setuptools (EulerOS-SA-2023-2246)

According to the versions of the python-setuptools packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML...

Huawei EulerOS: Security Advisory for python-setuptools (EulerOS-SA-2023-2246)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-setuptools (EulerOS-SA-2023-2166)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : python-setuptools (EulerOS-SA-2023-2166)

According to the versions of the python-setuptools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted...

EulerOS Virtualization 2.11.1 : python-setuptools (EulerOS-SA-2023-2059)

According to the versions of the python-setuptools packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML...