Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-40897

Опубликовано: 23 дек. 2022
Источник: debian

Описание

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
setuptoolsfixed65.6.3-1package

Примечания

  • https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be (v65.5.1)

Связанные уязвимости

ubuntu логотип

CVE-2022-40897

CVSS3: 5.9
ubuntu
больше 2 лет назад

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.

redhat логотип

CVE-2022-40897

CVSS3: 5.9
redhat
больше 2 лет назад

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.

nvd логотип

CVE-2022-40897

CVSS3: 5.9
nvd
больше 2 лет назад

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.

msrc логотип

CVE-2022-40897

CVSS3: 5.9
msrc
больше 2 лет назад

Описание отсутствует

suse-cvrf логотип

SUSE-SU-2023:4517-1

suse-cvrf
больше 1 года назад

Security update for python3-setuptools