958 matches found

Prion
added 2022/12/23 12:15 a.m. | 22 views

Denial of service

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py...

CVSS 2.6 | AI score 5.7 | EPSS 0.00513
Exploits: 1 | References: 8 | Affected Software: 1

UbuntuCve
added 2022/12/23 12:0 a.m. | 261 views

CVE-2022-40897

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py...

CVSS 5.9 | AI score 6.8 | EPSS 0.00513
Exploits: 1 | References: 5

CNNVD
added 2022/12/23 12:0 a.m. | 2 views

Python security vulnerability

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python Packaging Authority (PyPA) setuptools version 65.3.0 and earlier. A...

CVSS 5.9 | AI score 7.3 | EPSS 0.00513
Exploits: 1 | References: 22

FreeBSD
added 2022/12/23 12:0 a.m. | 23 views

py27-setuptools44 -- denial of service vulnerability

SCH227 reports: Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page du...

CVSS 5.9 | AI score 6.2 | EPSS 0.00513
Exploits: 1 | References: 1

FreeBSD
added 2022/12/23 12:0 a.m. | 89 views

py39-setuptools -- denial of service vulnerability

SCH227 reports: Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page du...

CVSS 5.9 | AI score 6.2 | EPSS 0.00513
Exploits: 1 | References: 1

FreeBSD
added 2022/12/23 12:0 a.m. | 35 views

py39-setuptools58 -- denial of service vulnerability

SCH227 reports: Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page du...

CVSS 5.9 | AI score 6.2 | EPSS 0.00513
Exploits: 1 | References: 1

Vulnrichment
added 2022/12/22 12:0 a.m. | 28 views

CVE-2022-40897

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py...

AI score 6.9 | EPSS 0.00513
Exploits: 1 | References: 9

CVE
added 2022/12/22 12:0 a.m. | 544 views

CVE-2022-40897

CVE-2022-40897 affects Python setuptools (PyPA) prior to 65.5.1, enabling a Regular Expression Denial of Service (ReDoS) via HTML in crafted PackageIndex content (package_index.py). Affected component is setuptools; impact is DoS with potential availability disruption. Remediation shown across mu...

CVSS 5.9 | AI score 6 | EPSS 0.00513
Exploits: 1 | References: 10 | Affected Software: 1

Cvelist
added 2022/12/22 12:0 a.m. | 32 views

CVE-2022-40897

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py...

AI score 6.2 | EPSS 0.00513
Exploits: 1 | References: 9

RedHat Linux
added 2022/12/07 8:27 p.m. | 56 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack 16.1.9 (python-XStatic-Bootstrap-SCSS) security update

An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which give...

CVSS 6.1 | AI score 6.5 | EPSS 0.01668
Exploits: 1 | References: 2

RedHat Linux
added 2022/12/07 7:19 p.m. | 41 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack 16.2.4 (python-XStatic-Bootstrap-SCSS) security update

An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat OpenStack Platform 16.2.4 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 6.1 | AI score 6.5 | EPSS 0.01668
Exploits: 1 | References: 2

Positive Technologies
added 2022/11/16 12:0 a.m. | 4 views

PT-2022-6567

Name of the Vulnerable Software and Affected Versions: Python Packaging Authority (PyPA) setuptools versions 65.3.0 through 65.5.0. Description: The issue is related to insufficient input validation when processing HTML content, allowing remote attackers to cause a denial of service via crafted HTML i...

CVSS 8.7 | AI score 6.8 | EPSS 0.00513
Exploits: 1 | References: 118

Rockylinux
added 2022/05/17 7:54 a.m. | 8 views

new packages: python-setuptools

An update is available for python-setuptools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...

AI score 2
Exploits: 0

Github Security Blog
added 2022/05/17 5:1 a.m. | 32 views

Setuptools vulnerable to Man-in-the-middle attacks

easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...

CVSS 6.8 | AI score 7.6 | EPSS 0.00765
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2022/05/17 5:1 a.m. | 23 views

GHSA-27X4-J476-JP5F Setuptools vulnerable to Man-in-the-middle attacks

easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...

CVSS 8.3 | AI score 6.8 | EPSS 0.00765
Exploits: 0 | References: 5

Oracle linux
added 2022/05/17 12:0 a.m. | 77 views

python27:2.7 security update

babel 9.0.3-19 - Remove bundled windows executables - Resolves: rhbz2006792 python2 2.7.18-10.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 2.7.18-10 - Security fix for CVE-2022-0391: urlparse does not sanitize URLs containing ASCII newline and tabs Resolves: rhbz2047376...

CVSS 8.2 | AI score 0.6 | EPSS 0.05428
Exploits: 3

OpenVAS
added 2022/01/28 12:0 a.m. | 16 views

Mageia: Security Advisory (MGASA-2013-0274)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.8 | AI score 6.7 | EPSS 0.00765
Exploits: 0 | References: 4

OpenVAS
added 2022/01/28 12:0 a.m. | 7 views

Mageia: Security Advisory (MGASA-2013-0376)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0 | References: 7

Mageia
added 2021/07/27 8:21 p.m. | 241 views

Updated python3 packages fix security vulnerabilities

Update python3 to 3.8.11 to fix several security issues. Fixes in 3.8.10 are also included. Bundled pip and setuptools were updated in 3.8.11 so python-pip needs to be updated to 21.1.3 and python-setuptools to 56.2.0 at the same time. Also, we fix the following issue: In Python before 3.9.5, the...

CVSS 9.8 | AI score 4 | EPSS 0.02048
Exploits: 1 | References: 5

OSV
added 2021/06/23 7:10 a.m. | 6 views

SUSE-FU-2021:2130-1 Feature implementation for python39-pip, python39-setuptools

This update for python39-pip, python39-setuptools fixes the following issues: Changes in python39-setuptools: - Provide python39-setuptools version 44.1.1 with vendored dependencies. jscSLE-17532, jscSLE-17957 Changes in python39-pip: - Provide python39-pip version 20.2.4 with vendored...

CVSS 7.5 | AI score 6.7 | EPSS 0.12381
Exploits: 2 | References: 13