ROS-20230428-05

A vulnerability in Python Packaging Authority installation tools is related to insufficient input validation when processing HTML content. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application and perform a denial of service...

FreeBSD : py39-setuptools58 -- denial of service vulnerability (24da150a-33e0-4fee-b4ee-2c6b377d3395)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 24da150a-33e0-4fee-b4ee-2c6b377d3395 advisory. - Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of...

Medium: python2-setuptools

Issue Overview: Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service ReDoS in packageindex.py. CVE-2022-40897 Affected Packages:...

Malicious code in tppullpyad (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6864712bdbeead6f670fbdcef9dc41009b44ef3dddce7361a53badad90fd87b7 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in selflgtbpostrand (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b2563ef52025f93e3b6b349de804cf039ace554c5e728cdbeb4a7a95ad299a74 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in py-httptoolstring (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4a918486a893a920f81240ff79d805ea13d3cebf95fe4334872ac030554a465c EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in py-intelmcad (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 46bd7cf9b0fb3f5b136e34f174b4f0a0f5755d0041a8d0a9b411f9390e4c1a16 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in esqrepullstring (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx db49c4ba3c6632bef1000d5fd10a3bb485273ce59377b605ae18e3a24d72ae9b EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in selfcraftsuperhacked (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4c306a77e3cf5fd1d9dd6eec655a6078325cc089b3f3d3376df0bdde6bbf9bfa EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in tppushcpucandy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx db3846a8f57d90175da1688f15191dfe3940d84468e66509f269aad0cf77829f EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in py-studypostgame (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 781d924bc6b7abbb493ef4d5ed554229b1669af03ec7bee2d0a2744fb6c659f0 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in py-visakill (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0e621ba866af281a117211369b66c8dde925d0cc58792721b3c375c9970577df EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in selfrandompep (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c5db949e85404d6a820498bd64e8e496a9d44657e155b898e7f4142914ab5071 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in selfguipullsplit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 35815cc61c3756ee88e3ef7b6cec4197bdc1879dcacf3a86c726cf5a580dff4a EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in tpkillpush (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5142537ff05afecab70654f7259415afa1edeefc86075d6e0c65db162adcad66 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in selfpepsplitram (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 14fe5a29b87cb9c858ca10c10c0cdbf976aa67041c4ef18d09e17a630223909c EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in selfsplitpushcraft (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 14f272ffcf520c7c051b93fd78e0b12de28bf89596e081a0c848b74a505dbdab EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in esqcontrolad (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 92c38f2d2ef995b09bee279fe7a9d7ded286b0bb29bb201eb010e5eb4c4ff549 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in selfedrandomad (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 312f7578adc34dc6733a049ee542a3ccbfa5f280b4b4506e1fe19c015557680b EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in tplgtbping (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8b4de41987427f32337d35a782c7cada3dc0f3dcfab7a8b1cdc6789623435b78 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...