Описание
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
A flaw was found in Python Setuptools due to a regular expression Denial of Service (ReDoS) present in package_index.py. This issue could allow a remote attacker to cause a denial of service via HTML in a crafted package or custom PackageIndex page.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ansible Automation Platform 2 | python-setuptools | Not affected | ||
| Red Hat Enterprise Linux 6 | python-setuptools | Out of support scope | ||
| Red Hat Enterprise Linux 7 | python3-setuptools | Out of support scope | ||
| Red Hat Enterprise Linux 7 | python-setuptools | Out of support scope | ||
| Red Hat Enterprise Linux 8 | python3.11-setuptools | Not affected | ||
| Red Hat Enterprise Linux 9 | python3.11-setuptools | Not affected | ||
| Red Hat OpenShift Container Platform 4 | python-setuptools | Not affected | ||
| Red Hat OpenShift Dev Spaces | python-setuptools | Not affected | ||
| Red Hat OpenStack Platform 16.1 | python-setuptools | Will not fix | ||
| Red Hat Quay 3 | python-setuptools | Affected |
Показывать по
Дополнительная информация
Статус:
5.9 Medium
CVSS3
Связанные уязвимости
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remo ...
5.9 Medium
CVSS3