38 matches found
Astra Linux - уязвимость в python-setuptools
A vulnerability exists in the packageindex module of pypa/setuptools versions up to 69.1.1, allowing for remote code execution through its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are vulnerable t...
CVE-2021-47911
Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests...
EUVD-2021-34760
Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests...
CVE-2021-47911 Affiliate Pro 1.7 Reflected Cross-Site Scripting via Index Module
Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests...
CVE-2021-47911 Affiliate Pro 1.7 Reflected Cross-Site Scripting via Index Module
Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests...
CVE-2021-47911
Affiliate Pro 1.7 is affected by multiple reflected cross-site scripting (XSS) vulnerabilities in the index module’s input fields. The attacker-controlled parameters fullname, username, and email can inject scripts to trigger client-side attacks and manipulate browser requests. The CVE details in...
CVE-2021-47911
Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests...
PT-2026-5556
Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests...
MiracleLinux 8 : resource-agents-4.9.0-54.el8_10.4 (AXSA:2024-8815:06)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8815:06 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 pypa/setuptools: Remote code execution via...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in setuptools
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in setuptools Vulnerability Details CVEID:CVE-2024-6345 DESCRIPTION: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download...
CLSA-2025-1761051864 python3-setuptools: Fix of 2 CVEs
CVE-2022-40897: fix Regular Expression Denial of Service ReDoS in packageindex.py - CVE-2024-6345: fix remote code execution in packageindex module...
MAL-2025-25522 Malicious code in log-zeta-resolve-index-module (npm)
The package log-zeta-resolve-index-module was found to contain malicious code...
Malicious code in log-zeta-resolve-index-module (npm)
The package log-zeta-resolve-index-module was found to contain malicious code...
NewStart CGSL MAIN 7.02 : python-setuptools Vulnerability (NS-SA-2025-0086)
The remote NewStart CGSL host, running version MAIN 7.02, has python-setuptools packages installed that are affected by a vulnerability: - A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These...
SUSE-SU-2025:20053-1 Security update for python-setuptools
This update for python-setuptools fixes the following issues: - CVE-2024-6345: Fixed code execution via download functions in the packageindex module in pypa/setuptools bsc1228105...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2024-6345: Fixed code execution via download functions in the packageindex module in pypa/setuptools bsc1228105 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...