Python/setuptools/21.2.1
Easily download, build, install, upgrade, and uninstall Python packages
https://pypi.org/project/setuptools
MIT
1 Security Vulnerabilities
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)
Published date: 2022-12-23T00:30:23Z
CVE: CVE-2022-40897
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2022-40897
- https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200
- https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/
- https://github.com/pypa/setuptools/issues/3659
- https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be
- https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1
- https://pyup.io/vulnerabilities/CVE-2022-40897/52495/
- https://setuptools.pypa.io/en/latest/
- https://github.com/advisories/GHSA-r9hx-vwmv-q579
- https://security.netapp.com/advisory/ntap-20230214-0001/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H/
Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page due to a vulnerable Regular Expression in package_index. This has been patched in version 65.5.1.
Affected versions:
["0.6b1", "0.6b2", "0.6b3", "0.6b4", "0.6c1", "0.6c10", "0.6c11", "0.6c2", "0.6c3", "0.6c4", "0.6c5", "0.6c6", "0.6c7", "0.6c8", "0.6c9", "0.7.2", "0.7.3", "0.7.4", "0.7.5", "0.7.6", "0.7.7", "0.7.8", "0.8", "0.9", "0.9.1", "0.9.2", "0.9.3", "0.9.4", "0.9.5", "0.9.6", "0.9.7", "0.9.8", "1.0", "1.1", "1.1.1", "1.1.2", "1.1.3", "1.1.4", "1.1.5", "1.1.6", "1.1.7", "1.2", "1.3", "1.3.1", "1.3.2", "1.4", "1.4.1", "1.4.2", "10.0", "10.0.1", "10.1", "10.2", "10.2.1", "11.0", "11.1", "11.2", "11.3", "11.3.1", "12.0", "12.0.1", "12.0.2", "12.0.3", "12.0.4", "12.0.5", "12.1", "12.2", "12.3", "12.4", "13.0", "13.0.1", "13.0.2", "14.0", "14.1", "14.1.1", "14.2", "14.3", "14.3.1", "15.0", "15.1", "15.2", "16.0", "17.0", "17.1", "17.1.1", "18.0", "18.0.1", "18.1", "18.2", "18.3", "18.3.1", "18.3.2", "18.4", "18.5", "18.6", "18.6.1", "18.7", "18.7.1", "18.8", "18.8.1", "19.0", "19.1", "19.1.1", "19.2", "19.3", "19.4", "19.4.1", "19.5", "19.6", "19.6.1", "19.6.2", "19.7", "2.0", "2.0.1", "2.0.2", "2.1", "2.1.1", "2.1.2", "2.2", "20.0", "20.1", "20.1.1", "20.10.1", "20.2.2", "20.3", "20.3.1", "20.4", "20.6.6", "20.6.7", "20.6.8", "20.7.0", "20.8.0", "20.8.1", "20.9.0", "21.0.0", "21.1.0", "21.2.0", "21.2.1", "21.2.2", "22.0.0", "22.0.1", "22.0.2", "22.0.4", "22.0.5", "23.0.0", "23.1.0", "23.2.0", "23.2.1", "24.0.0", "24.0.1", "24.0.2", "24.0.3", "24.1.0", "24.1.1", "24.2.0", "24.2.1", "24.3.0", "24.3.1", "25.0.0", "25.0.1", "25.0.2", "25.1.0", "25.1.1", "25.1.2", "25.1.3", "25.1.4", "25.1.5", "25.1.6", "25.2.0", "25.3.0", "25.4.0", "26.0.0", "26.1.0", "26.1.1", "27.0.0", "27.1.0", "27.1.2", "27.2.0", "27.3.0", "27.3.1", "28.0.0", "28.1.0", "28.2.0", "28.3.0", "28.4.0", "28.5.0", "28.6.0", "28.6.1", "28.7.0", "28.7.1", "28.8.0", "28.8.1", "29.0.0", "29.0.1", "3.0", "3.0.1", "3.0.2", "3.1", "3.2", "3.3", "3.4", "3.4.1", "3.4.2", "3.4.3", "3.4.4", "3.5", "3.5.1", "3.5.2", "3.6", "3.7", "3.7.1", "3.8", "3.8.1", "30.0.0", "30.1.0", "30.2.0", "30.2.1", "30.3.0", "30.4.0", "31.0.0", "31.0.1", "32.0.0", "32.1.0", "32.1.1", "32.1.2", "32.1.3", "32.2.0", "32.3.0", "32.3.1", "33.1.0", "33.1.1", "34.0.0", "34.0.1", "34.0.2", "34.0.3", "34.1.0", "34.1.1", "34.2.0", "34.3.0", "34.3.1", "34.3.2", "34.3.3", "34.4.0", "34.4.1", "35.0.0", "35.0.1", "35.0.2", "36.0.1", "36.1.0", "36.1.1", "36.2.0", "36.2.1", "36.2.2", "36.2.3", "36.2.4", "36.2.5", "36.2.6", "36.2.7", "36.3.0", "36.4.0", "36.5.0", "36.6.0", "36.6.1", "36.7.0", "36.7.1", "36.7.2", "36.8.0", "37.0.0", "38.0.0", "38.1.0", "38.2.0", "38.2.1", "38.2.3", "38.2.4", "38.2.5", "38.3.0", "38.4.0", "38.4.1", "38.5.0", "38.5.1", "38.5.2", "38.6.0", "38.6.1", "38.7.0", "39.0.0", "39.0.1", "39.1.0", "39.2.0", "4.0", "4.0.1", "40.0.0", "40.1.0", "40.1.1", "40.2.0", "40.3.0", "40.4.0", "40.4.1", "40.4.2", "40.4.3", "40.5.0", "40.6.0", "40.6.1", "40.6.2", "40.6.3", "40.7.0", "40.7.1", "40.7.2", "40.7.3", "40.8.0", "40.9.0", "41.0.0", "41.0.1", "41.1.0", "41.2.0", "41.3.0", "41.4.0", "41.5.0", "41.5.1", "41.6.0", "42.0.0", "42.0.1", "42.0.2", "43.0.0", "44.0.0", "44.1.0", "44.1.1", "45.0.0", "45.1.0", "45.2.0", "45.3.0", "46.0.0", "46.1.0", "46.1.1", "46.1.2", "46.1.3", "46.2.0", "46.3.0", "46.3.1", "46.4.0", "47.0.0", "47.1.0", "47.1.1", "47.2.0", "47.3.0", "47.3.1", "47.3.2", "48.0.0", "49.0.0", "49.0.1", "49.1.0", "49.1.1", "49.1.2", "49.1.3", "49.2.0", "49.2.1", "49.3.0", "49.3.1", "49.3.2", "49.4.0", "49.5.0", "49.6.0", "5.0", "5.0.1", "5.0.2", "5.1", "5.2", "5.3", "5.4", "5.4.1", "5.4.2", "5.5", "5.5.1", "5.6", "5.7", "5.8", "50.0.0", "50.0.1", "50.0.2", "50.0.3", "50.1.0", "50.2.0", "50.3.0", "50.3.1", "50.3.2", "51.0.0", "51.1.0", "51.1.0.post20201221", "51.1.1", "51.1.2", "51.2.0", "51.3.0", "51.3.1", "51.3.2", "51.3.3", "52.0.0", "53.0.0", "53.1.0", "54.0.0", "54.1.0", "54.1.1", "54.1.2", "54.1.3", "54.2.0", "56.0.0", "6.0.1", "6.0.2", "6.1", "7.0", "8.0", "8.0.1", "8.0.2", "8.0.3", "8.0.4", "8.1", "8.2", "8.2.1", "8.3", "9.0", "9.0.1", "9.1", "56.1.0", "56.2.0", "57.0.0", "57.1.0", "57.2.0", "57.3.0", "57.4.0", "57.5.0", "58.0.0", "58.0.1", "58.0.2", "58.0.3", "58.0.4", "58.1.0", "58.2.0", "58.3.0", "58.4.0", "58.5.0", "58.5.1", "58.5.2", "58.5.3", "59.0.1", "59.1.0", "59.1.1", "59.2.0", "59.3.0", "59.4.0", "59.5.0", "59.6.0", "59.7.0", "59.8.0", "60.0.0", "60.0.1", "60.0.2", "60.0.3", "60.0.4", "60.0.5", "60.1.0", "60.1.1", "60.2.0", "60.3.0", "60.3.1", "60.4.0", "60.5.0", "60.6.0", "60.7.0", "60.7.1", "60.8.0", "60.8.1", "60.8.2", "60.9.0", "60.9.1", "60.9.2", "60.9.3", "60.10.0", "61.0.0", "61.1.0", "61.1.1", "61.2.0", "61.3.0", "61.3.1", "62.0.0", "62.1.0", "62.2.0", "62.3.0", "62.3.1", "62.3.2", "62.3.3", "62.3.4", "62.4.0", "62.5.0", "62.6.0", "63.0.0b1", "63.0.0", "63.1.0", "63.2.0", "63.3.0", "63.4.0", "63.4.1", "63.4.2", "63.4.3", "64.0.0", "64.0.1", "64.0.2", "64.0.3", "65.0.0", "65.0.1", "65.0.2", "65.1.0", "65.1.1", "65.2.0", "65.3.0", "65.4.0", "65.4.1", "65.5.0"]
Secure versions:
[65.5.1, 65.6.0, 65.6.1, 65.6.2, 65.6.3, 65.7.0, 66.0.0, 66.1.0, 66.1.1, 67.0.0, 67.1.0, 67.2.0, 67.3.1, 67.3.2, 67.3.3, 67.4.0, 67.5.0, 67.5.1, 67.6.0, 67.6.1, 67.7.0, 67.7.1, 67.7.2, 67.8.0, 68.0.0, 68.1.0, 68.1.2, 68.2.0, 68.2.1, 68.2.2, 69.0.0, 69.0.1, 69.0.2, 69.0.3, 69.1.0, 69.1.1, 69.2.0, 69.3.0, 69.4.0, 69.3.1, 69.4.1, 69.4.2, 69.5.0, 69.5.1]
Recommendation:
Update to version 69.5.1.
558 Other Versions
| Version | License | Security | Released | |
|---|---|---|---|---|
| 69.5.1 | MIT | |||
| 69.5.0 | MIT | |||
| 69.4.2 | MIT | |||
| 69.4.1 | MIT | |||
| 69.4.0 | MIT | |||
| 69.3.1 | MIT | |||
| 69.3.0 | MIT | |||
| 69.2.0 | MIT | |||
| 69.1.1 | MIT | |||
| 69.1.0 | MIT | |||
| 69.0.3 | MIT | |||
| 69.0.2 | MIT | |||
| 69.0.1 | MIT | |||
| 69.0.0 | MIT | |||
| 68.2.2 | MIT | |||
| 68.2.1 | MIT | |||
| 68.2.0 | MIT | |||
| 68.1.2 | MIT | |||
| 68.1.0 | MIT | |||
| 68.0.0 | MIT | |||
| 67.8.0 | MIT | |||
| 67.7.2 | MIT | |||
| 67.7.1 | MIT | |||
| 67.7.0 | MIT | |||
| 67.6.1 | MIT | |||
| 67.6.0 | MIT | |||
| 67.5.1 | MIT | |||
| 67.5.0 | MIT | |||
| 67.4.0 | MIT | |||
| 67.3.3 | MIT | |||
| 67.3.2 | MIT | |||
| 67.3.1 | MIT | |||
| 67.2.0 | MIT | |||
| 67.1.0 | MIT | |||
| 67.0.0 | MIT | |||
| 66.1.1 | MIT | |||
| 66.1.0 | MIT | |||
| 66.0.0 | MIT | |||
| 65.7.0 | MIT | |||
| 65.6.3 | MIT | |||
| 65.6.2 | MIT | |||
| 65.6.1 | MIT | |||
| 65.6.0 | MIT | |||
| 65.5.1 | MIT | |||
| 65.5.0 | MIT | 1 | ||
| 65.4.1 | MIT | 1 | ||
| 65.4.0 | MIT | 1 | ||
| 65.3.0 | MIT | 1 | ||
| 65.2.0 | MIT | 1 | ||
| 65.1.1 | MIT | 1 | ||
| 65.1.0 | MIT | 1 | ||
| 65.0.2 | MIT | 1 | ||
| 65.0.1 | MIT | 1 | ||
| 65.0.0 | MIT | 1 | ||
| 64.0.3 | MIT | 1 | ||
| 64.0.2 | MIT | 1 | ||
| 64.0.1 | MIT | 1 | ||
| 64.0.0 | MIT | 1 | ||
| 63.4.3 | MIT | 1 | ||
| 63.4.2 | MIT | 1 | ||
| 63.4.1 | MIT | 1 | ||
| 63.4.0 | MIT | 1 | ||
| 63.3.0 | MIT | 1 | ||
| 63.2.0 | MIT | 1 | ||
| 63.1.0 | MIT | 1 | 2022-07-04 - 02:25 | almost 2 years |
| 63.0.0 | MIT | 1 | 2022-07-03 - 23:38 | almost 2 years |
| 63.0.0b1 | MIT | 1 | 2022-06-29 - 21:23 | almost 2 years |
| 62.6.0 | MIT | 1 | 2022-06-19 - 20:52 | almost 2 years |
| 62.5.0 | MIT | 1 | 2022-06-17 - 21:44 | almost 2 years |
| 62.4.0 | MIT | 1 | 2022-06-13 - 12:39 | almost 2 years |
| 62.3.4 | MIT | 1 | 2022-06-11 - 12:44 | almost 2 years |
| 62.3.3 | MIT | 1 | 2022-06-07 - 18:55 | almost 2 years |
| 62.3.2 | MIT | 1 | 2022-05-18 - 18:30 | almost 2 years |
| 62.3.1 | MIT | 1 | 2022-05-17 - 07:55 | almost 2 years |
| 62.3.0 | MIT | 1 | 2022-05-16 - 22:03 | almost 2 years |
| 62.2.0 | MIT | 1 | 2022-05-10 - 15:37 | almost 2 years |
| 62.1.0 | MIT | 1 | 2022-04-10 - 21:28 | about 2 years |
| 62.0.0 | MIT | 1 | 2022-04-04 - 12:19 | about 2 years |
| 61.3.1 | MIT | 1 | 2022-04-01 - 23:15 | about 2 years |
| 61.3.0 | MIT | 1 | 2022-03-31 - 19:33 | about 2 years |
| 61.2.0 | MIT | 1 | 2022-03-27 - 21:13 | about 2 years |
| 61.1.1 | MIT | 1 | 2022-03-26 - 11:43 | about 2 years |
| 61.1.0 | MIT | 1 | 2022-03-25 - 20:41 | about 2 years |
| 61.0.0 | MIT | 1 | 2022-03-24 - 20:22 | about 2 years |
| 60.10.0 | MIT | 1 | 2022-03-16 - 16:50 | about 2 years |
| 60.9.3 | MIT | 1 | 2022-02-18 - 02:10 | about 2 years |
| 60.9.2 | MIT | 1 | 2022-02-16 - 13:57 | about 2 years |
| 60.9.1 | MIT | 1 | 2022-02-15 - 11:21 | about 2 years |
| 60.9.0 | MIT | 1 | 2022-02-14 - 00:20 | about 2 years |
| 60.8.2 | MIT | 1 | 2022-02-09 - 17:01 | about 2 years |
| 60.8.1 | MIT | 1 | 2022-02-06 - 18:09 | about 2 years |
| 60.8.0 | MIT | 1 | 2022-02-06 - 04:34 | about 2 years |
| 60.7.1 | MIT | 1 | 2022-02-03 - 04:59 | about 2 years |
| 60.7.0 | MIT | 1 | 2022-02-02 - 10:32 | about 2 years |
| 60.6.0 | MIT | 1 | 2022-01-31 - 03:47 | about 2 years |
| 60.5.0 | MIT | 1 | 2022-01-08 - 21:36 | over 2 years |
| 60.4.0 | MIT | 1 | 2022-01-08 - 21:36 | over 2 years |
| 60.3.1 | MIT | 1 | 2022-01-06 - 16:50 | over 2 years |
| 60.3.0 | MIT | 1 | 2022-01-06 - 01:51 | over 2 years |
| 60.2.0 | MIT | 1 | 2021-12-29 - 21:30 | over 2 years |