Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-40897

Опубликовано: 23 дек. 2022
Источник: ubuntu
Приоритет: medium
CVSS3: 5.9

Описание

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.

РелизСтатусПримечание
bionic

released

9.0.1-2.3~ubuntu1.18.04.6
devel

not-affected

23.0.1+dfsg-1
esm-apps/bionic

released

9.0.1-2.3~ubuntu1.18.04.6
esm-apps/focal

released

20.0.2-5ubuntu1.7
esm-apps/jammy

released

22.0.2+dfsg-1ubuntu0.1
esm-apps/xenial

released

8.1.1-2ubuntu0.6+esm3
esm-infra-legacy/trusty

released

1.5.4-1ubuntu4+esm2
focal

released

20.0.2-5ubuntu1.7
jammy

released

22.0.2+dfsg-1ubuntu0.1
kinetic

released

22.2+dfsg-1ubuntu0.1

Показывать по

РелизСтатусПримечание
bionic

released

39.0.1-2ubuntu0.1
esm-apps/focal

released

44.0.0-2ubuntu0.1
esm-apps/jammy

released

44.1.1-1.2ubuntu0.22.04.1
esm-infra-legacy/trusty

released

3.3-1ubuntu2+esm1
esm-infra/bionic

released

39.0.1-2ubuntu0.1
esm-infra/xenial

released

20.7.0-1ubuntu0.1~esm1
focal

released

44.0.0-2ubuntu0.1
jammy

released

44.1.1-1.2ubuntu0.22.04.1
kinetic

released

44.1.1-1.2ubuntu0.22.10.1
trusty

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

not-affected

66.1.1-1
esm-infra/focal

released

45.2.0-1ubuntu0.1
focal

released

45.2.0-1ubuntu0.1
jammy

released

59.6.0-1.2ubuntu0.22.04.1
kinetic

released

59.6.0-1.2ubuntu0.22.10.1
lunar

not-affected

66.1.1-1
trusty

DNE

upstream

released

65.5.1
xenial

DNE

Показывать по

Ссылки на источники

5.9 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-40897

CVSS3: 5.9
redhat
почти 3 года назад

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.

nvd логотип

CVE-2022-40897

CVSS3: 5.9
nvd
почти 3 года назад

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.

msrc логотип

CVE-2022-40897

CVSS3: 5.9
msrc
почти 3 года назад

Описание отсутствует

debian логотип

CVE-2022-40897

CVSS3: 5.9
debian
почти 3 года назад

Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remo ...

suse-cvrf логотип

SUSE-SU-2023:4517-1

suse-cvrf
почти 2 года назад

Security update for python3-setuptools

5.9 Medium

CVSS3