Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-5rjg-fvgr-3xxf
  • PyPI/setuptools
setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write
Published: 19 May 2025
  • Fix available
  • Severity - 7.7 (High)
PYSEC-2025-49
  • PyPI/setuptools
  • github.com/pypa/setuptools
See record for full details
Published: 17 May 2025
  • Fix available
  • Severity - 8.8 (High)
GHSA-cx63-2mw6-8hw5
  • PyPI/setuptools
setuptools vulnerable to Command Injection via package URL
Published: 15 Jul 2024
  • Fix available
  • Severity - 7.5 (High)
GHSA-r9hx-vwmv-q579
  • PyPI/setuptools
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)
Published: 23 Dec 2022
  • Fix available
  • Severity - 8.7 (High)
PYSEC-2022-43012
  • PyPI/setuptools
  • github.com/pypa/setuptools
See record for full details
Published: 23 Dec 2022
  • Fix available
GHSA-27x4-j476-jp5f
  • PyPI/setuptools
Setuptools vulnerable to Man-in-the-middle attacks
Published: 17 May 2022
  • Fix available
  • Severity - 8.3 (High)
PYSEC-2013-22
  • PyPI/setuptools
See record for full details
Published: 06 Aug 2013
  • Fix available