Описание
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 9.0.1-2.3~ubuntu1.18.04.6 |
| devel | not-affected | 23.0.1+dfsg-1 |
| esm-apps/bionic | released | 9.0.1-2.3~ubuntu1.18.04.6 |
| esm-apps/focal | released | 20.0.2-5ubuntu1.7 |
| esm-apps/jammy | released | 22.0.2+dfsg-1ubuntu0.1 |
| esm-apps/xenial | released | 8.1.1-2ubuntu0.6+esm3 |
| esm-infra-legacy/trusty | not-affected | 1.5.4-1ubuntu4+esm2 |
| focal | released | 20.0.2-5ubuntu1.7 |
| jammy | released | 22.0.2+dfsg-1ubuntu0.1 |
| kinetic | released | 22.2+dfsg-1ubuntu0.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 39.0.1-2ubuntu0.1 |
| esm-apps/focal | released | 44.0.0-2ubuntu0.1 |
| esm-apps/jammy | released | 44.1.1-1.2ubuntu0.22.04.1 |
| esm-infra-legacy/trusty | not-affected | 3.3-1ubuntu2+esm1 |
| esm-infra/bionic | not-affected | 39.0.1-2ubuntu0.1 |
| esm-infra/xenial | released | 20.7.0-1ubuntu0.1~esm1 |
| focal | released | 44.0.0-2ubuntu0.1 |
| jammy | released | 44.1.1-1.2ubuntu0.22.04.1 |
| kinetic | released | 44.1.1-1.2ubuntu0.22.10.1 |
| trusty | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 66.1.1-1 |
| esm-infra/focal | not-affected | 45.2.0-1ubuntu0.1 |
| focal | released | 45.2.0-1ubuntu0.1 |
| jammy | released | 59.6.0-1.2ubuntu0.22.04.1 |
| kinetic | released | 59.6.0-1.2ubuntu0.22.10.1 |
| lunar | not-affected | 66.1.1-1 |
| trusty | DNE | |
| upstream | released | 65.5.1 |
| xenial | DNE |
Показывать по
Ссылки на источники
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remo ...
EPSS
5.9 Medium
CVSS3