Python/setuptools/0.6c4
Easily download, build, install, upgrade, and uninstall Python packages
https://pypi.org/project/setuptools
PSF-2.0 OR ZPL-2.1
2 Security Vulnerabilities
Setuptools vulnerable to Man-in-the-middle attacks
easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product.
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)
- https://nvd.nist.gov/vuln/detail/CVE-2022-40897
- https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200
- https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/
- https://github.com/pypa/setuptools/issues/3659
- https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be
- https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1
- https://pyup.io/vulnerabilities/CVE-2022-40897/52495/
- https://setuptools.pypa.io/en/latest/
- https://github.com/advisories/GHSA-r9hx-vwmv-q579
- https://security.netapp.com/advisory/ntap-20230214-0001/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H/
- https://security.netapp.com/advisory/ntap-20240621-0006
Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page due to a vulnerable Regular Expression in package_index. This has been patched in version 65.5.1.
561 Other Versions
Version | License | Security | Released | Age |
---|---|---|---|---|
60.3.1 | MIT | 1 | 2022-01-06 - 16:50 | over 2 years |
60.3.0 | MIT | 1 | 2022-01-06 - 01:51 | over 2 years |
60.2.0 | MIT | 1 | 2021-12-29 - 21:30 | over 2 years |
60.1.1 | MIT | 1 | 2021-12-28 - 20:16 | over 2 years |
60.1.0 | MIT | 1 | 2021-12-24 - 02:32 | over 2 years |
60.0.5 | MIT | 1 | 2021-12-23 - 17:16 | over 2 years |
60.0.4 | MIT | 1 | 2021-12-22 - 12:28 | over 2 years |
60.0.3 | MIT | 1 | 2021-12-21 - 00:56 | over 2 years |
60.0.2 | MIT | 1 | 2021-12-20 - 21:44 | over 2 years |
60.0.1 | MIT | 1 | 2021-12-20 - 18:54 | over 2 years |
60.0.0 | MIT | 1 | 2021-12-20 - 03:21 | over 2 years |
59.8.0 | MIT | 1 | 2021-12-20 - 01:46 | over 2 years |
59.7.0 | MIT | 1 | 2021-12-18 - 05:10 | over 2 years |
59.6.0 | MIT | 1 | 2021-12-12 - 20:46 | over 2 years |
59.5.0 | MIT | 1 | 2021-12-05 - 17:28 | over 2 years |
59.4.0 | MIT | 1 | 2021-11-29 - 01:18 | over 2 years |
59.3.0 | MIT | 1 | 2021-11-26 - 21:31 | over 2 years |
59.2.0 | MIT | 1 | 2021-11-19 - 01:14 | over 2 years |
59.1.1 | MIT | 1 | 2021-11-16 - 02:31 | over 2 years |
59.1.0 | MIT | 1 | 2021-11-15 - 02:07 | over 2 years |
59.0.1 | MIT | 1 | 2021-11-14 - 21:28 | over 2 years |
58.5.3 | MIT | 1 | 2021-11-04 - 23:33 | over 2 years |
58.5.2 | MIT | 1 | 2021-11-04 - 00:08 | over 2 years |
58.5.1 | MIT | 1 | 2021-11-03 - 22:45 | over 2 years |
58.5.0 | MIT | 1 | 2021-11-03 - 22:33 | over 2 years |
58.4.0 | MIT | 1 | 2021-11-01 - 02:41 | over 2 years |
58.3.0 | MIT | 1 | 2021-10-22 - 20:56 | over 2 years |
58.2.0 | MIT | 1 | 2021-10-02 - 03:11 | over 2 years |
58.1.0 | MIT | 1 | 2021-09-22 - 02:01 | almost 3 years |
58.0.4 | MIT | 1 | 2021-09-09 - 02:03 | almost 3 years |
58.0.3 | MIT | 1 | 2021-09-08 - 01:05 | almost 3 years |
58.0.2 | MIT | 1 | 2021-09-06 - 18:50 | almost 3 years |
58.0.1 | MIT | 1 | 2021-09-06 - 17:32 | almost 3 years |
58.0.0 | MIT | 1 | 2021-09-05 - 21:27 | almost 3 years |
57.5.0 | MIT | 1 | 2021-09-04 - 15:12 | almost 3 years |
57.4.0 | MIT | 1 | 2021-07-19 - 01:20 | almost 3 years |
57.3.0 | MIT | 1 | 2021-07-18 - 21:28 | almost 3 years |
57.2.0 | MIT | 1 | 2021-07-15 - 03:03 | almost 3 years |
57.1.0 | MIT | 1 | 2021-07-05 - 03:57 | almost 3 years |
57.0.0 | MIT | 1 | 2021-05-23 - 03:54 | about 3 years |
56.2.0 | MIT | 1 | 2021-05-09 - 17:40 | about 3 years |
56.1.0 | MIT | 1 | 2021-05-04 - 21:35 | about 3 years |
56.0.0 | MIT | 1 | 2021-04-09 - 00:24 | about 3 years |
54.2.0 | MIT | 1 | 2021-03-22 - 14:07 | over 3 years |
54.1.3 | MIT | 1 | 2021-03-22 - 13:23 | over 3 years |
54.1.2 | MIT | 1 | 2021-03-14 - 15:48 | over 3 years |
54.1.1 | MIT | 1 | 2021-03-07 - 03:56 | over 3 years |
54.1.0 | MIT | 1 | 2021-03-05 - 16:46 | over 3 years |
54.0.0 | MIT | 1 | 2021-02-28 - 22:28 | over 3 years |
53.1.0 | MIT | 1 | 2021-02-25 - 14:44 | over 3 years |
53.0.0 | MIT | 1 | 2021-02-01 - 15:39 | over 3 years |
52.0.0 | MIT | 1 | 2021-01-24 - 01:34 | over 3 years |
51.3.3 | MIT | 1 | 2021-01-17 - 22:44 | over 3 years |
51.3.2 | MIT | 1 | 2021-01-17 - 19:21 | over 3 years |
51.3.1 | MIT | 1 | 2021-01-17 - 03:15 | over 3 years |
51.3.0 | MIT | 1 | 2021-01-17 - 01:40 | over 3 years |
51.2.0 | MIT | 1 | 2021-01-16 - 22:37 | over 3 years |
51.1.2 | MIT | 1 | 2021-01-09 - 02:03 | over 3 years |
51.1.1 | MIT | 1 | 2020-12-29 - 03:56 | over 3 years |
51.1.0.post20201221 | MIT | 1 | 2020-12-21 - 02:32 | over 3 years |
51.1.0 | MIT | 1 | 2020-12-21 - 18:40 | over 3 years |
51.0.0 | MIT | 1 | 2020-12-07 - 00:52 | over 3 years |
50.3.2 | MIT | 1 | 2020-10-17 - 16:19 | over 3 years |
50.3.1 | MIT | 1 | 2020-10-15 - 00:27 | over 3 years |
50.3.0 | MIT | 1 | 2020-09-05 - 15:27 | almost 4 years |
50.2.0 | MIT | 1 | 2020-09-04 - 14:13 | almost 4 years |
50.1.0 | MIT | 1 | 2020-09-03 - 01:04 | almost 4 years |
50.0.3 | MIT | 1 | 2020-09-02 - 02:02 | almost 4 years |
50.0.2 | MIT | 1 | 2020-09-01 - 22:29 | almost 4 years |
50.0.1 | MIT | 1 | 2020-09-01 - 17:50 | almost 4 years |
50.0.0 | MIT | 1 | 2020-08-30 - 19:51 | almost 4 years |
49.6.0 | MIT | 1 | 2020-08-14 - 02:13 | almost 4 years |
49.5.0 | MIT | 1 | 2020-08-13 - 23:20 | almost 4 years |
49.4.0 | MIT | 1 | 2020-08-13 - 13:58 | almost 4 years |
49.3.2 | MIT | 1 | 2020-08-12 - 21:12 | almost 4 years |
49.3.1 | MIT | 1 | 2020-08-10 - 15:17 | almost 4 years |
49.3.0 | MIT | 1 | 2020-08-09 - 19:11 | almost 4 years |
49.2.1 | MIT | 1 | 2020-08-02 - 14:07 | almost 4 years |
49.2.0 | MIT | 1 | 2020-07-12 - 16:20 | almost 4 years |
49.1.3 | MIT | 1 | 2020-07-12 - 09:25 | almost 4 years |
49.1.2 | MIT | 1 | 2020-07-11 - 06:31 | almost 4 years |
49.1.1 | MIT | 1 | 2020-07-10 - 18:19 | almost 4 years |
49.1.0 | MIT | 1 | 2020-07-03 - 22:29 | almost 4 years |
49.0.1 | MIT | 1 | 2020-07-05 - 20:52 | almost 4 years |
49.0.0 | MIT | 1 | 2020-07-03 - 19:47 | almost 4 years |
48.0.0 | MIT | 1 | 2020-07-03 - 15:19 | almost 4 years |
47.3.2 | MIT | 1 | 2020-07-03 - 09:17 | almost 4 years |
47.3.1 | MIT | 1 | 2020-06-16 - 21:39 | about 4 years |
47.3.0 | MIT | 1 | 2020-06-15 - 20:55 | about 4 years |
47.2.0 | MIT | 1 | 2020-06-15 - 13:07 | about 4 years |
47.1.1 | MIT | 1 | 2020-05-29 - 01:21 | about 4 years |
47.1.0 | MIT | 1 | 2020-05-28 - 12:03 | about 4 years |
47.0.0 | MIT | 1 | 2020-05-28 - 11:36 | about 4 years |
46.4.0 | MIT | 1 | 2020-05-17 - 02:30 | about 4 years |
46.3.1 | MIT | 1 | 2020-05-15 - 10:18 | about 4 years |
46.3.0 | MIT | 1 | 2020-05-13 - 16:02 | about 4 years |
46.2.0 | MIT | 1 | 2020-05-10 - 21:47 | about 4 years |
46.1.3 | MIT | 1 | 2020-03-25 - 18:31 | over 4 years |
46.1.2 | MIT | 1 | 2020-03-25 - 15:10 | over 4 years |
46.1.1 | MIT | 1 | 2020-03-21 - 19:06 | over 4 years |