FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-29 03:23:07 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
1b38aec4-4149-4c7d-851c-3c4de3a1fbd0	py39-setuptools -- denial of service vulnerability SCH227 reports: Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page due to a vulnerable Regular Expression in `package_index`. This has been patched in version 65.5.1. The patch backported to the revision 63.1.0_1. Discovery 2022-12-23 Entry 2023-04-09 py39-setuptools < 44.1.1_1 >= 57.0.0 lt 58.5.3_3 >= 62.1.0 lt 63.1.0_1 CVE-2022-40897 https://osv.dev/vulnerability/GHSA-r9hx-vwmv-q579

VuXML ID

Description

1b38aec4-4149-4c7d-851c-3c4de3a1fbd0

py39-setuptools -- denial of service vulnerability

SCH227 reports:

Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects.

Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page due to a vulnerable Regular Expression in `package_index`.

This has been patched in version 65.5.1. The patch backported to the revision 63.1.0_1.

Discovery 2022-12-23
Entry 2023-04-09
py39-setuptools

< 44.1.1_1

>= 57.0.0 lt 58.5.3_3

>= 62.1.0 lt 63.1.0_1

CVE-2022-40897
https://osv.dev/vulnerability/GHSA-r9hx-vwmv-q579