Vulnerabilities > Python > Setuptools > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-23 | CVE-2022-40897 | Unspecified vulnerability in Python Setuptools Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. | 5.9 |
2013-08-06 | CVE-2013-1633 | Improper Input Validation vulnerability in Python Setuptools easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product. | 6.8 |