python-setuptools (SUSE:Linux Enterprise Module for Containers 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Containers 12 package python-setuptools, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2024-6345 — CVSS 8.8 (high): A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download…
CVE-2018-1000807 — CVSS 8.1 (high): Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object…
CVE-2019-20916 — CVSS 7.5 (high): The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition…
CVE-2018-1000808 — CVSS 5.9 (medium): Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last…
CVE-2013-7440 — CVSS 5.9 (medium): The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames…
CVE-2022-40897 — CVSS 5.9 (medium): Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted…
CVE-2016-9015 — CVSS 3.7 (low): Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not…