Количество 98
Количество 98
GHSA-mh6q-v4mp-2cc7
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.
ELSA-2024-4779
ELSA-2024-4779: python3 security update (LOW)
ELSA-2024-4766
ELSA-2024-4766: python3 security update (LOW)
BDU:2024-05196
Уязвимость классов ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address и ipaddress.IPv6Network модуля ipaddress интерпретатора языка программирования Python (CPython), позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
SUSE-SU-2024:2280-1
Security update for python39
SUSE-SU-2024:2274-1
Security update for python39
ROS-20240917-08
Уязвимость python3
SUSE-SU-2024:2572-1
Security update for python312
CVE-2024-6345
A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.
CVE-2024-6345
A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.
CVE-2024-6345
A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.
CVE-2024-6345
CVE-2024-6345
A vulnerability in the package_index module of pypa/setuptools version ...
SUSE-SU-2024:3303-1
Security update for python312
SUSE-SU-2024:2479-1
Security update for python3
SUSE-SU-2024:3055-1
Security update for python-setuptools
SUSE-SU-2024:3054-1
Security update for python3-setuptools
SUSE-SU-2024:2950-1
Security update for python36-setuptools
SUSE-SU-2024:2907-1
Security update for python310-setuptools
SUSE-SU-2024:2906-1
Security update for python39-setuptools
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-mh6q-v4mp-2cc7 The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior. | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
| ELSA-2024-4779 ELSA-2024-4779: python3 security update (LOW) | больше 1 года назад | ||
| ELSA-2024-4766 ELSA-2024-4766: python3 security update (LOW) | больше 1 года назад | ||
 | BDU:2024-05196 Уязвимость классов ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address и ipaddress.IPv6Network модуля ipaddress интерпретатора языка программирования Python (CPython), позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 3.7 | 1% Низкий | почти 2 года назад |
 | SUSE-SU-2024:2280-1 Security update for python39 | больше 1 года назад | ||
| SUSE-SU-2024:2274-1 Security update for python39 | больше 1 года назад | ||
 | ROS-20240917-08 Уязвимость python3 | CVSS3: 3.7 | 1% Низкий | около 1 года назад |
| SUSE-SU-2024:2572-1 Security update for python312 | больше 1 года назад | ||
 | CVE-2024-6345 A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. | CVSS3: 8.8 | 5% Низкий | больше 1 года назад |
 | CVE-2024-6345 A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. | CVSS3: 8.8 | 5% Низкий | больше 1 года назад |
 | CVE-2024-6345 A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. | CVSS3: 8.8 | 5% Низкий | больше 1 года назад |
 | CVSS3: 8.8 | 5% Низкий | около 1 года назад | |
| CVE-2024-6345 A vulnerability in the package_index module of pypa/setuptools version ... | CVSS3: 8.8 | 5% Низкий | больше 1 года назад |
| SUSE-SU-2024:3303-1 Security update for python312 | около 1 года назад | ||
| SUSE-SU-2024:2479-1 Security update for python3 | больше 1 года назад | ||
| SUSE-SU-2024:3055-1 Security update for python-setuptools | 5% Низкий | больше 1 года назад | |
| SUSE-SU-2024:3054-1 Security update for python3-setuptools | 5% Низкий | больше 1 года назад | |
| SUSE-SU-2024:2950-1 Security update for python36-setuptools | 5% Низкий | больше 1 года назад | |
| SUSE-SU-2024:2907-1 Security update for python310-setuptools | 5% Низкий | больше 1 года назад | |
| SUSE-SU-2024:2906-1 Security update for python39-setuptools | 5% Низкий | больше 1 года назад |
Уязвимостей на страницу