Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-12-22T00:00:00
Updated: 2024-08-03T12:28:42.612Z
Reserved: 2022-09-19T00:00:00
Link: CVE-2022-40897
Vulnrichment
Updated: 2024-08-03T12:28:42.612Z
NVD
Status : Modified
Published: 2022-12-23T00:15:13.987
Modified: 2024-06-21T19:15:23.877
Link: CVE-2022-40897
Redhat