vulnerability
Alma Linux: CVE-2022-40897: Moderate: python-setuptools security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Dec 23, 2022 | Feb 22, 2023 | Sep 5, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
Dec 23, 2022
Added
Feb 22, 2023
Modified
Sep 5, 2025
Description
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
Solutions
alma-upgrade-babelalma-upgrade-platform-python-setuptoolsalma-upgrade-python-nose-docsalma-upgrade-python-psycopg2-docalma-upgrade-python-sqlalchemy-docalma-upgrade-python2alma-upgrade-python2-attrsalma-upgrade-python2-babelalma-upgrade-python2-backportsalma-upgrade-python2-backports-ssl_match_hostnamealma-upgrade-python2-bsonalma-upgrade-python2-chardetalma-upgrade-python2-coveragealma-upgrade-python2-cythonalma-upgrade-python2-debugalma-upgrade-python2-develalma-upgrade-python2-dnsalma-upgrade-python2-docsalma-upgrade-python2-docs-infoalma-upgrade-python2-docutilsalma-upgrade-python2-funcsigsalma-upgrade-python2-idnaalma-upgrade-python2-ipaddressalma-upgrade-python2-jinja2alma-upgrade-python2-libsalma-upgrade-python2-lxmlalma-upgrade-python2-markupsafealma-upgrade-python2-mockalma-upgrade-python2-nosealma-upgrade-python2-numpyalma-upgrade-python2-numpy-docalma-upgrade-python2-numpy-f2pyalma-upgrade-python2-pipalma-upgrade-python2-pip-wheelalma-upgrade-python2-pluggyalma-upgrade-python2-psycopg2alma-upgrade-python2-psycopg2-debugalma-upgrade-python2-psycopg2-testsalma-upgrade-python2-pyalma-upgrade-python2-pygmentsalma-upgrade-python2-pymongoalma-upgrade-python2-pymongo-gridfsalma-upgrade-python2-pymysqlalma-upgrade-python2-pysocksalma-upgrade-python2-pytestalma-upgrade-python2-pytest-mockalma-upgrade-python2-pytzalma-upgrade-python2-pyyamlalma-upgrade-python2-requestsalma-upgrade-python2-rpm-macrosalma-upgrade-python2-scipyalma-upgrade-python2-setuptoolsalma-upgrade-python2-setuptools-wheelalma-upgrade-python2-setuptools_scmalma-upgrade-python2-sixalma-upgrade-python2-sqlalchemyalma-upgrade-python2-testalma-upgrade-python2-tkinteralma-upgrade-python2-toolsalma-upgrade-python2-urllib3alma-upgrade-python2-virtualenvalma-upgrade-python2-wheelalma-upgrade-python2-wheel-wheelalma-upgrade-python3-setuptoolsalma-upgrade-python3-setuptools-wheelalma-upgrade-python39alma-upgrade-python39-attrsalma-upgrade-python39-cffialma-upgrade-python39-chardetalma-upgrade-python39-cryptographyalma-upgrade-python39-cythonalma-upgrade-python39-debugalma-upgrade-python39-develalma-upgrade-python39-idlealma-upgrade-python39-idnaalma-upgrade-python39-iniconfigalma-upgrade-python39-libsalma-upgrade-python39-lxmlalma-upgrade-python39-mod_wsgialma-upgrade-python39-more-itertoolsalma-upgrade-python39-numpyalma-upgrade-python39-numpy-docalma-upgrade-python39-numpy-f2pyalma-upgrade-python39-packagingalma-upgrade-python39-pipalma-upgrade-python39-pip-wheelalma-upgrade-python39-pluggyalma-upgrade-python39-plyalma-upgrade-python39-psutilalma-upgrade-python39-psycopg2alma-upgrade-python39-psycopg2-docalma-upgrade-python39-psycopg2-testsalma-upgrade-python39-pyalma-upgrade-python39-pybind11alma-upgrade-python39-pybind11-develalma-upgrade-python39-pycparseralma-upgrade-python39-pymysqlalma-upgrade-python39-pyparsingalma-upgrade-python39-pysocksalma-upgrade-python39-pytestalma-upgrade-python39-pyyamlalma-upgrade-python39-requestsalma-upgrade-python39-rpm-macrosalma-upgrade-python39-scipyalma-upgrade-python39-setuptoolsalma-upgrade-python39-setuptools-wheelalma-upgrade-python39-sixalma-upgrade-python39-testalma-upgrade-python39-tkinteralma-upgrade-python39-tomlalma-upgrade-python39-urllib3alma-upgrade-python39-wcwidthalma-upgrade-python39-wheelalma-upgrade-python39-wheel-wheel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.