Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/setuptools@3.2

Type pypi

Namespace

Name setuptools

Version 3.2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 78.1.1

Latest_non_vulnerable_version 78.1.1

Affected_by_vulnerabilities

url VCID-8gwq-ewk9-skcd

vulnerability_id VCID-8gwq-ewk9-skcd

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47273.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47273.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-47273

reference_id

reference_type

scores

value	0.0012
scoring_system	epss
scoring_elements	0.30573
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-47273

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml

reference_url

https://github.com/pypa/setuptools

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/setuptools

reference_url

https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-47273

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-47273

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105970
reference_id	1105970
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105970

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2366982
reference_id	2366982
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2366982

reference_url

https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b

reference_id

250a6d17978f9f6ac3ac887091f2d32886fbbb0b

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T14:45:34Z/

url

https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b

reference_url

https://github.com/pypa/setuptools/issues/4946

reference_id

4946

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T14:45:34Z/

url

https://github.com/pypa/setuptools/issues/4946

reference_url	https://github.com/advisories/GHSA-5rjg-fvgr-3xxf
reference_id	GHSA-5rjg-fvgr-3xxf
reference_type
scores
url	https://github.com/advisories/GHSA-5rjg-fvgr-3xxf

reference_url

https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf

reference_id

GHSA-5rjg-fvgr-3xxf

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T14:45:34Z/

url

https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf

reference_url

https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88

reference_id

package_index.py#L810C1-L825C88

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T14:45:34Z/

url

https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88

reference_url	https://access.redhat.com/errata/RHSA-2025:10407
reference_id	RHSA-2025:10407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10407

reference_url	https://access.redhat.com/errata/RHSA-2025:10787
reference_id	RHSA-2025:10787
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10787

reference_url	https://access.redhat.com/errata/RHSA-2025:10809
reference_id	RHSA-2025:10809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10809

reference_url	https://access.redhat.com/errata/RHSA-2025:10992
reference_id	RHSA-2025:10992
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10992

reference_url	https://access.redhat.com/errata/RHSA-2025:11036
reference_id	RHSA-2025:11036
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11036

reference_url	https://access.redhat.com/errata/RHSA-2025:11043
reference_id	RHSA-2025:11043
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11043

reference_url	https://access.redhat.com/errata/RHSA-2025:11044
reference_id	RHSA-2025:11044
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11044

reference_url	https://access.redhat.com/errata/RHSA-2025:11101
reference_id	RHSA-2025:11101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11101

reference_url	https://access.redhat.com/errata/RHSA-2025:11102
reference_id	RHSA-2025:11102
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11102

reference_url	https://access.redhat.com/errata/RHSA-2025:11146
reference_id	RHSA-2025:11146
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11146

reference_url	https://access.redhat.com/errata/RHSA-2025:11388
reference_id	RHSA-2025:11388
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11388

reference_url	https://access.redhat.com/errata/RHSA-2025:11424
reference_id	RHSA-2025:11424
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11424

reference_url	https://access.redhat.com/errata/RHSA-2025:11425
reference_id	RHSA-2025:11425
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11425

reference_url	https://access.redhat.com/errata/RHSA-2025:11426
reference_id	RHSA-2025:11426
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11426

reference_url	https://access.redhat.com/errata/RHSA-2025:11427
reference_id	RHSA-2025:11427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11427

reference_url	https://access.redhat.com/errata/RHSA-2025:11463
reference_id	RHSA-2025:11463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11463

reference_url	https://access.redhat.com/errata/RHSA-2025:11464
reference_id	RHSA-2025:11464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11464

reference_url	https://access.redhat.com/errata/RHSA-2025:11584
reference_id	RHSA-2025:11584
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11584

reference_url	https://access.redhat.com/errata/RHSA-2025:11607
reference_id	RHSA-2025:11607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11607

reference_url	https://access.redhat.com/errata/RHSA-2025:11868
reference_id	RHSA-2025:11868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11868

reference_url	https://access.redhat.com/errata/RHSA-2025:11984
reference_id	RHSA-2025:11984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11984

reference_url	https://access.redhat.com/errata/RHSA-2025:12020
reference_id	RHSA-2025:12020
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:12020

reference_url	https://access.redhat.com/errata/RHSA-2025:12834
reference_id	RHSA-2025:12834
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:12834

reference_url	https://access.redhat.com/errata/RHSA-2025:13578
reference_id	RHSA-2025:13578
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13578

reference_url	https://access.redhat.com/errata/RHSA-2025:13668
reference_id	RHSA-2025:13668
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13668

reference_url	https://access.redhat.com/errata/RHSA-2025:13669
reference_id	RHSA-2025:13669
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13669

reference_url	https://access.redhat.com/errata/RHSA-2025:13803
reference_id	RHSA-2025:13803
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13803

reference_url	https://access.redhat.com/errata/RHSA-2025:13804
reference_id	RHSA-2025:13804
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13804

reference_url	https://access.redhat.com/errata/RHSA-2025:14686
reference_id	RHSA-2025:14686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14686

reference_url	https://access.redhat.com/errata/RHSA-2025:14900
reference_id	RHSA-2025:14900
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14900

reference_url	https://access.redhat.com/errata/RHSA-2025:15408
reference_id	RHSA-2025:15408
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15408

reference_url	https://access.redhat.com/errata/RHSA-2025:15410
reference_id	RHSA-2025:15410
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15410

reference_url	https://access.redhat.com/errata/RHSA-2025:15411
reference_id	RHSA-2025:15411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15411

reference_url	https://access.redhat.com/errata/RHSA-2025:19421
reference_id	RHSA-2025:19421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19421

reference_url	https://access.redhat.com/errata/RHSA-2025:19422
reference_id	RHSA-2025:19422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19422

reference_url	https://access.redhat.com/errata/RHSA-2025:19423
reference_id	RHSA-2025:19423
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19423

reference_url	https://access.redhat.com/errata/RHSA-2025:19424
reference_id	RHSA-2025:19424
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19424

reference_url	https://access.redhat.com/errata/RHSA-2025:19425
reference_id	RHSA-2025:19425
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19425

reference_url	https://access.redhat.com/errata/RHSA-2025:19426
reference_id	RHSA-2025:19426
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19426

reference_url	https://access.redhat.com/errata/RHSA-2025:19427
reference_id	RHSA-2025:19427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19427

reference_url	https://access.redhat.com/errata/RHSA-2025:19428
reference_id	RHSA-2025:19428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19428

reference_url	https://access.redhat.com/errata/RHSA-2025:19429
reference_id	RHSA-2025:19429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19429

reference_url	https://access.redhat.com/errata/RHSA-2025:19430
reference_id	RHSA-2025:19430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19430

reference_url	https://access.redhat.com/errata/RHSA-2025:9940
reference_id	RHSA-2025:9940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9940

reference_url	https://access.redhat.com/errata/RHSA-2025:9966
reference_id	RHSA-2025:9966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9966

reference_url	https://access.redhat.com/errata/RHSA-2026:4215
reference_id	RHSA-2026:4215
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4215

reference_url	https://usn.ubuntu.com/7544-1/
reference_id	USN-7544-1
reference_type
scores
url	https://usn.ubuntu.com/7544-1/

reference_url	https://usn.ubuntu.com/8010-1/
reference_id	USN-8010-1
reference_type
scores
url	https://usn.ubuntu.com/8010-1/

fixed_packages

url	pkg:pypi/setuptools@78.1.1
purl	pkg:pypi/setuptools@78.1.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/setuptools@78.1.1

aliases BIT-setuptools-2025-47273, CVE-2025-47273, GHSA-5rjg-fvgr-3xxf, PYSEC-2025-49

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gwq-ewk9-skcd

url VCID-gtj7-gvfj-mfb4

vulnerability_id VCID-gtj7-gvfj-mfb4

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6345.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6345.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-6345

reference_id

reference_type

scores

value	0.09639
scoring_system	epss
scoring_elements	0.93068
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-6345

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/pypa/setuptools

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/setuptools

reference_url

https://github.com/pypa/setuptools/pull/4332

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/setuptools/pull/4332

reference_url

https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2297771
reference_id	2297771
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2297771

reference_url

https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0

reference_id

88807c7062788254f654ea8c03427adc859321f0

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-15T13:33:16Z/

url

https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-6345

reference_id

CVE-2024-6345

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-6345

reference_url

https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5

reference_id

d6362117-ad57-4e83-951f-b8141c6e7ca5

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-15T13:33:16Z/

url

https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5

reference_url

https://github.com/advisories/GHSA-cx63-2mw6-8hw5

reference_id

GHSA-cx63-2mw6-8hw5

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cx63-2mw6-8hw5

reference_url	https://access.redhat.com/errata/RHSA-2024:10135
reference_id	RHSA-2024:10135
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10135

reference_url	https://access.redhat.com/errata/RHSA-2024:11109
reference_id	RHSA-2024:11109
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11109

reference_url	https://access.redhat.com/errata/RHSA-2024:5000
reference_id	RHSA-2024:5000
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5000

reference_url	https://access.redhat.com/errata/RHSA-2024:5002
reference_id	RHSA-2024:5002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5002

reference_url	https://access.redhat.com/errata/RHSA-2024:5040
reference_id	RHSA-2024:5040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5040

reference_url	https://access.redhat.com/errata/RHSA-2024:5078
reference_id	RHSA-2024:5078
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5078

reference_url	https://access.redhat.com/errata/RHSA-2024:5084
reference_id	RHSA-2024:5084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5084

reference_url	https://access.redhat.com/errata/RHSA-2024:5137
reference_id	RHSA-2024:5137
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5137

reference_url	https://access.redhat.com/errata/RHSA-2024:5279
reference_id	RHSA-2024:5279
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5279

reference_url	https://access.redhat.com/errata/RHSA-2024:5389
reference_id	RHSA-2024:5389
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5389

reference_url	https://access.redhat.com/errata/RHSA-2024:5530
reference_id	RHSA-2024:5530
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5530

reference_url	https://access.redhat.com/errata/RHSA-2024:5531
reference_id	RHSA-2024:5531
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5531

reference_url	https://access.redhat.com/errata/RHSA-2024:5532
reference_id	RHSA-2024:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5532

reference_url	https://access.redhat.com/errata/RHSA-2024:5533
reference_id	RHSA-2024:5533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5533

reference_url	https://access.redhat.com/errata/RHSA-2024:5534
reference_id	RHSA-2024:5534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5534

reference_url	https://access.redhat.com/errata/RHSA-2024:5962
reference_id	RHSA-2024:5962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5962

reference_url	https://access.redhat.com/errata/RHSA-2024:6220
reference_id	RHSA-2024:6220
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6220

reference_url	https://access.redhat.com/errata/RHSA-2024:6309
reference_id	RHSA-2024:6309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6309

reference_url	https://access.redhat.com/errata/RHSA-2024:6311
reference_id	RHSA-2024:6311
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6311

reference_url	https://access.redhat.com/errata/RHSA-2024:6312
reference_id	RHSA-2024:6312
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6312

reference_url	https://access.redhat.com/errata/RHSA-2024:6488
reference_id	RHSA-2024:6488
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6488

reference_url	https://access.redhat.com/errata/RHSA-2024:6611
reference_id	RHSA-2024:6611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6611

reference_url	https://access.redhat.com/errata/RHSA-2024:6612
reference_id	RHSA-2024:6612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6612

reference_url	https://access.redhat.com/errata/RHSA-2024:6661
reference_id	RHSA-2024:6661
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6661

reference_url	https://access.redhat.com/errata/RHSA-2024:6662
reference_id	RHSA-2024:6662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6662

reference_url	https://access.redhat.com/errata/RHSA-2024:6667
reference_id	RHSA-2024:6667
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6667

reference_url	https://access.redhat.com/errata/RHSA-2024:6726
reference_id	RHSA-2024:6726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6726

reference_url	https://access.redhat.com/errata/RHSA-2024:6907
reference_id	RHSA-2024:6907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6907

reference_url	https://access.redhat.com/errata/RHSA-2024:7213
reference_id	RHSA-2024:7213
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7213

reference_url	https://access.redhat.com/errata/RHSA-2024:7374
reference_id	RHSA-2024:7374
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7374

reference_url	https://access.redhat.com/errata/RHSA-2024:7922
reference_id	RHSA-2024:7922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7922

reference_url	https://access.redhat.com/errata/RHSA-2024:8168
reference_id	RHSA-2024:8168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8168

reference_url	https://access.redhat.com/errata/RHSA-2024:8170
reference_id	RHSA-2024:8170
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8170

reference_url	https://access.redhat.com/errata/RHSA-2024:8171
reference_id	RHSA-2024:8171
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8171

reference_url	https://access.redhat.com/errata/RHSA-2024:8172
reference_id	RHSA-2024:8172
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8172

reference_url	https://access.redhat.com/errata/RHSA-2024:8173
reference_id	RHSA-2024:8173
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8173

reference_url	https://access.redhat.com/errata/RHSA-2024:8179
reference_id	RHSA-2024:8179
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8179

reference_url	https://usn.ubuntu.com/7002-1/
reference_id	USN-7002-1
reference_type
scores
url	https://usn.ubuntu.com/7002-1/

fixed_packages

url pkg:pypi/setuptools@70.0.0

purl pkg:pypi/setuptools@70.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8gwq-ewk9-skcd

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/setuptools@70.0.0

aliases CVE-2024-6345, GHSA-cx63-2mw6-8hw5

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gtj7-gvfj-mfb4

url VCID-nqx8-3vr8-y7g8

vulnerability_id VCID-nqx8-3vr8-y7g8

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40897.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40897.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-40897

reference_id

reference_type

scores

value	0.00513
scoring_system	epss
scoring_elements	0.6694
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-40897

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/advisories/GHSA-r9hx-vwmv-q579

reference_id

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r9hx-vwmv-q579

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2022-43012.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2022-43012.yaml

reference_url

https://github.com/pypa/setuptools

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/setuptools

reference_url

https://github.com/pypa/setuptools/issues/3659

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/setuptools/issues/3659

reference_url

https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-40897

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-40897

reference_url

https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

reference_url

https://pyup.io/vulnerabilities/CVE-2022-40897/52495

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://pyup.io/vulnerabilities/CVE-2022-40897/52495

reference_url

https://security.netapp.com/advisory/ntap-20230214-0001

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230214-0001

reference_url

https://security.netapp.com/advisory/ntap-20240621-0006

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240621-0006

reference_url

https://setuptools.pypa.io/en/latest

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://setuptools.pypa.io/en/latest

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2158559
reference_id	2158559
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2158559

reference_url

https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be

reference_id

43a9c9bfa6aa626ec2a22540bea28d2ca77964be

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/

url

https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be

reference_url

https://pyup.io/vulnerabilities/CVE-2022-40897/52495/

reference_id

52495

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/

url

https://pyup.io/vulnerabilities/CVE-2022-40897/52495/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R/

reference_id

ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R/

reference_url	https://security.gentoo.org/glsa/202405-10
reference_id	GLSA-202405-10
reference_type
scores
url	https://security.gentoo.org/glsa/202405-10

reference_url

https://security.netapp.com/advisory/ntap-20230214-0001/

reference_id

ntap-20230214-0001

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/

url

https://security.netapp.com/advisory/ntap-20230214-0001/

reference_url

https://security.netapp.com/advisory/ntap-20240621-0006/

reference_id

ntap-20240621-0006

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/

url

https://security.netapp.com/advisory/ntap-20240621-0006/

reference_url

https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200

reference_id

package_index.py#L200

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/

url

https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200

reference_url

https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/

reference_id

pyup-discovers-redos-vulnerabilities-in-top-python-packages

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/

url

https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/

reference_url	https://access.redhat.com/errata/RHSA-2023:0835
reference_id	RHSA-2023:0835
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0835

reference_url	https://access.redhat.com/errata/RHSA-2023:0952
reference_id	RHSA-2023:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0952

reference_url	https://access.redhat.com/errata/RHSA-2023:6793
reference_id	RHSA-2023:6793
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6793

reference_url	https://access.redhat.com/errata/RHSA-2023:7395
reference_id	RHSA-2023:7395
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7395

reference_url	https://access.redhat.com/errata/RHSA-2024:2985
reference_id	RHSA-2024:2985
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2985

reference_url	https://access.redhat.com/errata/RHSA-2024:2987
reference_id	RHSA-2024:2987
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2987

reference_url	https://access.redhat.com/errata/RHSA-2024:4421
reference_id	RHSA-2024:4421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4421

reference_url	https://access.redhat.com/errata/RHSA-2024:6915
reference_id	RHSA-2024:6915
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6915

reference_url	https://usn.ubuntu.com/5817-1/
reference_id	USN-5817-1
reference_type
scores
url	https://usn.ubuntu.com/5817-1/

reference_url

https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1

reference_id

v65.5.0...v65.5.1

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/

url

https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H/

reference_id

YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T17:14:35Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H/

fixed_packages

url pkg:pypi/setuptools@65.5.1

purl pkg:pypi/setuptools@65.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8gwq-ewk9-skcd

vulnerability	VCID-gtj7-gvfj-mfb4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/setuptools@65.5.1

aliases BIT-setuptools-2022-40897, CVE-2022-40897, GHSA-r9hx-vwmv-q579, PYSEC-2022-43012

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqx8-3vr8-y7g8

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/setuptools@3.2

Package Instance