11 matches found
EulerOS 2.0 SP12 : python-setuptools (EulerOS-SA-2024-2803)
According to the versions of the python-setuptools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download...
SUSE CVE-2024-6345
A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...
CVE-2024-6345
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
GHSA-CX63-2MW6-8HW5 setuptools vulnerable to Command Injection via package URL
A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...
setuptools vulnerable to Command Injection via package URL
A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...
DEBIAN-CVE-2024-6345
A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...
CVE-2024-6345
A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...
CVE-2024-6345 Remote Code Execution in pypa/setuptools
A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...
CVE-2024-6345
CVE-2024-6345 affects the setuptools package_index module in setuptools versions up to 69.1.1, enabling remote code execution through user-controlled package download inputs. The vulnerability stems from download functions that can be fed URLs from users or index servers, allowing arbitrary comma...
CVE-2024-6345 Remote Code Execution in pypa/setuptools
A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...
setuptools Code Injection Vulnerability
setuptools is a Python library open-sourced by PyPI. A code injection vulnerability exists in setuptools version 69.1.1 and earlier, which stems from allowing remote code execution via the download function and is vulnerable to code injection attacks...