Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/setuptools@52.0.0-4%2Bdeb11u1?distro=trixie
Typedeb
Namespacedebian
Namesetuptools
Version52.0.0-4+deb11u1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version52.0.0-4+deb11u2
Latest_non_vulnerable_version70.3.0-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-ebnc-7f5a-effj
vulnerability_id VCID-ebnc-7f5a-effj
summary Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40897.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40897.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40897
reference_id
reference_type
scores
0
value 0.00513
scoring_system epss
scoring_elements 0.66519
published_at 2026-04-21T12:55:00Z
1
value 0.00513
scoring_system epss
scoring_elements 0.66534
published_at 2026-04-18T12:55:00Z
2
value 0.00513
scoring_system epss
scoring_elements 0.66517
published_at 2026-04-16T12:55:00Z
3
value 0.00513
scoring_system epss
scoring_elements 0.66481
published_at 2026-04-13T12:55:00Z
4
value 0.00513
scoring_system epss
scoring_elements 0.66513
published_at 2026-04-12T12:55:00Z
5
value 0.00513
scoring_system epss
scoring_elements 0.66525
published_at 2026-04-11T12:55:00Z
6
value 0.00513
scoring_system epss
scoring_elements 0.66505
published_at 2026-04-09T12:55:00Z
7
value 0.00513
scoring_system epss
scoring_elements 0.66491
published_at 2026-04-08T12:55:00Z
8
value 0.00513
scoring_system epss
scoring_elements 0.66445
published_at 2026-04-02T12:55:00Z
9
value 0.00513
scoring_system epss
scoring_elements 0.66443
published_at 2026-04-07T12:55:00Z
10
value 0.00513
scoring_system epss
scoring_elements 0.66472
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40897
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2022-43012.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2022-43012.yaml
5
reference_url https://github.com/pypa/setuptools
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/setuptools
6
reference_url https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/
url https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200
7
reference_url https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/
url https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be
8
reference_url https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/
url https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1
9
reference_url https://github.com/pypa/setuptools/issues/3659
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/setuptools/issues/3659
10
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40897
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-40897
16
reference_url https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
17
reference_url https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/
url https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/
18
reference_url https://pyup.io/vulnerabilities/CVE-2022-40897/52495
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pyup.io/vulnerabilities/CVE-2022-40897/52495
19
reference_url https://pyup.io/vulnerabilities/CVE-2022-40897/52495/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/
url https://pyup.io/vulnerabilities/CVE-2022-40897/52495/
20
reference_url https://security.netapp.com/advisory/ntap-20230214-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230214-0001
21
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
22
reference_url https://setuptools.pypa.io/en/latest
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://setuptools.pypa.io/en/latest
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2158559
reference_id 2158559
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2158559
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R/
reference_id ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R/
25
reference_url https://github.com/advisories/GHSA-r9hx-vwmv-q579
reference_id GHSA-r9hx-vwmv-q579
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r9hx-vwmv-q579
26
reference_url https://security.gentoo.org/glsa/202405-10
reference_id GLSA-202405-10
reference_type
scores
url https://security.gentoo.org/glsa/202405-10
27
reference_url https://security.netapp.com/advisory/ntap-20230214-0001/
reference_id ntap-20230214-0001
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/
url https://security.netapp.com/advisory/ntap-20230214-0001/
28
reference_url https://access.redhat.com/errata/RHSA-2023:0835
reference_id RHSA-2023:0835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0835
29
reference_url https://access.redhat.com/errata/RHSA-2023:0952
reference_id RHSA-2023:0952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0952
30
reference_url https://access.redhat.com/errata/RHSA-2023:6793
reference_id RHSA-2023:6793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6793
31
reference_url https://access.redhat.com/errata/RHSA-2023:7395
reference_id RHSA-2023:7395
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7395
32
reference_url https://access.redhat.com/errata/RHSA-2024:2985
reference_id RHSA-2024:2985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2985
33
reference_url https://access.redhat.com/errata/RHSA-2024:2987
reference_id RHSA-2024:2987
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2987
34
reference_url https://access.redhat.com/errata/RHSA-2024:4421
reference_id RHSA-2024:4421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4421
35
reference_url https://access.redhat.com/errata/RHSA-2024:6915
reference_id RHSA-2024:6915
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6915
36
reference_url https://usn.ubuntu.com/5817-1/
reference_id USN-5817-1
reference_type
scores
url https://usn.ubuntu.com/5817-1/
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H/
reference_id YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H/
fixed_packages
0
url pkg:deb/debian/setuptools@52.0.0-4?distro=trixie
purl pkg:deb/debian/setuptools@52.0.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@52.0.0-4%3Fdistro=trixie
1
url pkg:deb/debian/setuptools@52.0.0-4%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/setuptools@52.0.0-4%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@52.0.0-4%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/setuptools@65.6.3-1?distro=trixie
purl pkg:deb/debian/setuptools@65.6.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@65.6.3-1%3Fdistro=trixie
3
url pkg:deb/debian/setuptools@66.1.1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/setuptools@66.1.1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@66.1.1-1%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/setuptools@78.1.1-0.1?distro=trixie
purl pkg:deb/debian/setuptools@78.1.1-0.1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-v6y5-h7b6-3qda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@78.1.1-0.1%3Fdistro=trixie
aliases BIT-setuptools-2022-40897, CVE-2022-40897, GHSA-r9hx-vwmv-q579, PYSEC-2022-43012
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebnc-7f5a-effj
1
url VCID-qt3x-msd9-tyct
vulnerability_id VCID-qt3x-msd9-tyct
summary 
setuptools vulnerable to Command Injection via package URL
A vulnerability in the `package_index` module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6345.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6345.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6345
reference_id
reference_type
scores
0
value 0.05553
scoring_system epss
scoring_elements 0.90291
published_at 2026-04-16T12:55:00Z
1
value 0.05553
scoring_system epss
scoring_elements 0.90275
published_at 2026-04-13T12:55:00Z
2
value 0.05553
scoring_system epss
scoring_elements 0.90281
published_at 2026-04-12T12:55:00Z
3
value 0.05553
scoring_system epss
scoring_elements 0.90282
published_at 2026-04-11T12:55:00Z
4
value 0.05553
scoring_system epss
scoring_elements 0.90273
published_at 2026-04-09T12:55:00Z
5
value 0.05553
scoring_system epss
scoring_elements 0.90267
published_at 2026-04-08T12:55:00Z
6
value 0.05553
scoring_system epss
scoring_elements 0.90251
published_at 2026-04-07T12:55:00Z
7
value 0.05697
scoring_system epss
scoring_elements 0.90425
published_at 2026-04-21T12:55:00Z
8
value 0.05697
scoring_system epss
scoring_elements 0.90427
published_at 2026-04-18T12:55:00Z
9
value 0.07336
scoring_system epss
scoring_elements 0.9167
published_at 2026-04-04T12:55:00Z
10
value 0.07336
scoring_system epss
scoring_elements 0.91665
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6345
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/setuptools
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/setuptools
5
reference_url https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-15T13:33:16Z/
url https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0
6
reference_url https://github.com/pypa/setuptools/pull/4332
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/setuptools/pull/4332
7
reference_url https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-15T13:33:16Z/
url https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5
8
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6345
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6345
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2297771
reference_id 2297771
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2297771
11
reference_url https://github.com/advisories/GHSA-cx63-2mw6-8hw5
reference_id GHSA-cx63-2mw6-8hw5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cx63-2mw6-8hw5
12
reference_url https://access.redhat.com/errata/RHSA-2024:10135
reference_id RHSA-2024:10135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10135
13
reference_url https://access.redhat.com/errata/RHSA-2024:11109
reference_id RHSA-2024:11109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11109
14
reference_url https://access.redhat.com/errata/RHSA-2024:5000
reference_id RHSA-2024:5000
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5000
15
reference_url https://access.redhat.com/errata/RHSA-2024:5002
reference_id RHSA-2024:5002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5002
16
reference_url https://access.redhat.com/errata/RHSA-2024:5040
reference_id RHSA-2024:5040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5040
17
reference_url https://access.redhat.com/errata/RHSA-2024:5078
reference_id RHSA-2024:5078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5078
18
reference_url https://access.redhat.com/errata/RHSA-2024:5084
reference_id RHSA-2024:5084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5084
19
reference_url https://access.redhat.com/errata/RHSA-2024:5137
reference_id RHSA-2024:5137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5137
20
reference_url https://access.redhat.com/errata/RHSA-2024:5279
reference_id RHSA-2024:5279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5279
21
reference_url https://access.redhat.com/errata/RHSA-2024:5389
reference_id RHSA-2024:5389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5389
22
reference_url https://access.redhat.com/errata/RHSA-2024:5530
reference_id RHSA-2024:5530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5530
23
reference_url https://access.redhat.com/errata/RHSA-2024:5531
reference_id RHSA-2024:5531
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5531
24
reference_url https://access.redhat.com/errata/RHSA-2024:5532
reference_id RHSA-2024:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5532
25
reference_url https://access.redhat.com/errata/RHSA-2024:5533
reference_id RHSA-2024:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5533
26
reference_url https://access.redhat.com/errata/RHSA-2024:5534
reference_id RHSA-2024:5534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5534
27
reference_url https://access.redhat.com/errata/RHSA-2024:5962
reference_id RHSA-2024:5962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5962
28
reference_url https://access.redhat.com/errata/RHSA-2024:6220
reference_id RHSA-2024:6220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6220
29
reference_url https://access.redhat.com/errata/RHSA-2024:6309
reference_id RHSA-2024:6309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6309
30
reference_url https://access.redhat.com/errata/RHSA-2024:6311
reference_id RHSA-2024:6311
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6311
31
reference_url https://access.redhat.com/errata/RHSA-2024:6312
reference_id RHSA-2024:6312
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6312
32
reference_url https://access.redhat.com/errata/RHSA-2024:6488
reference_id RHSA-2024:6488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6488
33
reference_url https://access.redhat.com/errata/RHSA-2024:6611
reference_id RHSA-2024:6611
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6611
34
reference_url https://access.redhat.com/errata/RHSA-2024:6612
reference_id RHSA-2024:6612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6612
35
reference_url https://access.redhat.com/errata/RHSA-2024:6661
reference_id RHSA-2024:6661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6661
36
reference_url https://access.redhat.com/errata/RHSA-2024:6662
reference_id RHSA-2024:6662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6662
37
reference_url https://access.redhat.com/errata/RHSA-2024:6667
reference_id RHSA-2024:6667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6667
38
reference_url https://access.redhat.com/errata/RHSA-2024:6726
reference_id RHSA-2024:6726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6726
39
reference_url https://access.redhat.com/errata/RHSA-2024:6907
reference_id RHSA-2024:6907
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6907
40
reference_url https://access.redhat.com/errata/RHSA-2024:7213
reference_id RHSA-2024:7213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7213
41
reference_url https://access.redhat.com/errata/RHSA-2024:7374
reference_id RHSA-2024:7374
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7374
42
reference_url https://access.redhat.com/errata/RHSA-2024:8168
reference_id RHSA-2024:8168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8168
43
reference_url https://access.redhat.com/errata/RHSA-2024:8170
reference_id RHSA-2024:8170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8170
44
reference_url https://access.redhat.com/errata/RHSA-2024:8171
reference_id RHSA-2024:8171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8171
45
reference_url https://access.redhat.com/errata/RHSA-2024:8172
reference_id RHSA-2024:8172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8172
46
reference_url https://access.redhat.com/errata/RHSA-2024:8173
reference_id RHSA-2024:8173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8173
47
reference_url https://access.redhat.com/errata/RHSA-2024:8179
reference_id RHSA-2024:8179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8179
48
reference_url https://usn.ubuntu.com/7002-1/
reference_id USN-7002-1
reference_type
scores
url https://usn.ubuntu.com/7002-1/
fixed_packages
0
url pkg:deb/debian/setuptools@52.0.0-4?distro=trixie
purl pkg:deb/debian/setuptools@52.0.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@52.0.0-4%3Fdistro=trixie
1
url pkg:deb/debian/setuptools@52.0.0-4%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/setuptools@52.0.0-4%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@52.0.0-4%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/setuptools@66.1.1-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/setuptools@66.1.1-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@66.1.1-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/setuptools@66.1.1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/setuptools@66.1.1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@66.1.1-1%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/setuptools@70.3.0-2?distro=trixie
purl pkg:deb/debian/setuptools@70.3.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@70.3.0-2%3Fdistro=trixie
5
url pkg:deb/debian/setuptools@78.1.1-0.1?distro=trixie
purl pkg:deb/debian/setuptools@78.1.1-0.1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-v6y5-h7b6-3qda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@78.1.1-0.1%3Fdistro=trixie
aliases CVE-2024-6345, GHSA-cx63-2mw6-8hw5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qt3x-msd9-tyct
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/setuptools@52.0.0-4%252Bdeb11u1%3Fdistro=trixie