A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Red Hat Developer Hub 1.2 on RHEL 9 | RedHat | rhdh/rhdh-hub-rhel9:1.2-105 | * |
Red Hat Enterprise Linux 7 Extended Lifecycle Support | RedHat | python3-setuptools-0:39.2.0-10.el7_9.1 | * |
Red Hat Enterprise Linux 7 Extended Lifecycle Support | RedHat | python-setuptools-0:0.9.8-7.el7_9.1 | * |
Red Hat Enterprise Linux 8 | RedHat | python3.12-setuptools-0:68.2.2-4.el8_10 | * |
Red Hat Enterprise Linux 8 | RedHat | python3.11-setuptools-0:65.5.1-3.el8_10 | * |
Red Hat Enterprise Linux 8 | RedHat | python39:3.9-8100020240826142629.d47b87a4 | * |
Red Hat Enterprise Linux 8 | RedHat | python39-devel:3.9-8100020240826142629.d47b87a4 | * |
Red Hat Enterprise Linux 8 | RedHat | fence-agents-0:4.2.1-129.el8_10.4 | * |
Red Hat Enterprise Linux 8 | RedHat | resource-agents-0:4.9.0-54.el8_10.4 | * |
Red Hat Enterprise Linux 8 | RedHat | python-setuptools-0:39.2.0-8.el8_10 | * |
Red Hat Enterprise Linux 8.2 Advanced Update Support | RedHat | python-setuptools-0:39.2.0-5.el8_2.1 | * |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | python39:3.9-8040020240801180427.63cd9eba | * |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | fence-agents-0:4.2.1-65.el8_4.20 | * |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | python-setuptools-0:39.2.0-6.el8_4.1 | * |
Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | python39:3.9-8040020240801180427.63cd9eba | * |
Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | fence-agents-0:4.2.1-65.el8_4.20 | * |
Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | resource-agents-0:4.1.1-90.el8_4.18 | * |
Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | python-setuptools-0:39.2.0-6.el8_4.1 | * |
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | python39:3.9-8040020240801180427.63cd9eba | * |
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | fence-agents-0:4.2.1-65.el8_4.20 | * |
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | resource-agents-0:4.1.1-90.el8_4.18 | * |
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | python-setuptools-0:39.2.0-6.el8_4.1 | * |
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | RedHat | python39:3.9-8060020240801142753.6a631399 | * |
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | RedHat | fence-agents-0:4.2.1-89.el8_6.14 | * |
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | RedHat | python-setuptools-0:39.2.0-7.el8_6.1 | * |
Red Hat Enterprise Linux 8.6 Telecommunications Update Service | RedHat | python39:3.9-8060020240801142753.6a631399 | * |
Red Hat Enterprise Linux 8.6 Telecommunications Update Service | RedHat | fence-agents-0:4.2.1-89.el8_6.14 | * |
Red Hat Enterprise Linux 8.6 Telecommunications Update Service | RedHat | resource-agents-0:4.9.0-16.el8_6.14 | * |
Red Hat Enterprise Linux 8.6 Telecommunications Update Service | RedHat | python-setuptools-0:39.2.0-7.el8_6.1 | * |
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | RedHat | python39:3.9-8060020240801142753.6a631399 | * |
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | RedHat | fence-agents-0:4.2.1-89.el8_6.14 | * |
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | RedHat | resource-agents-0:4.9.0-16.el8_6.14 | * |
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | RedHat | python-setuptools-0:39.2.0-7.el8_6.1 | * |
Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | python3.11-setuptools-0:65.5.1-2.el8_8.1 | * |
Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | python39:3.9-8080020240731091048.93c2fc2f | * |
Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | python39-devel:3.9-8080020240731091048.93c2fc2f | * |
Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | fence-agents-0:4.2.1-112.el8_8.8 | * |
Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | resource-agents-0:4.9.0-40.el8_8.6 | * |
Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | python-setuptools-0:39.2.0-7.el8_8.1 | * |
Red Hat Enterprise Linux 9 | RedHat | python3.11-setuptools-0:65.5.1-2.el9_4.1 | * |
Red Hat Enterprise Linux 9 | RedHat | python3.12-setuptools-0:68.2.2-3.el9_4.1 | * |
Red Hat Enterprise Linux 9 | RedHat | fence-agents-0:4.10.0-62.el9_4.5 | * |
Red Hat Enterprise Linux 9 | RedHat | python-setuptools-0:53.0.0-12.el9_4.1 | * |
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | RedHat | fence-agents-0:4.10.0-20.el9_0.17 | * |
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | RedHat | python-setuptools-0:53.0.0-12.el9_0 | * |
Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | python3.11-setuptools-0:65.5.1-2.el9_2.1 | * |
Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | fence-agents-0:4.10.0-43.el9_2.9 | * |
Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | python-setuptools-0:53.0.0-12.el9_2.1 | * |
Red Hat OpenShift Container Platform 4.17 | RedHat | rhcos-417.94.202410090854-0 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/code-rhel8:3.16-20 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/configbump-rhel8:3.16-4 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/dashboard-rhel8:3.16-27 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/devfileregistry-rhel8:3.16-67 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/devspaces-operator-bundle:3.16-70 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/devspaces-rhel8-operator:3.16-11 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/idea-rhel8:3.16-3 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/imagepuller-rhel8:3.16-3 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/machineexec-rhel8:3.16-6 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/pluginregistry-rhel8:3.16-16 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/server-rhel8:3.16-14 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/traefik-rhel8:3.16-2 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/udi-rhel8:3.16-6 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-config-sync-rhel9:1.4.7-3 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-flow-collector-rhel9:1.4.7-3 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-operator-bundle:1.4.7-4 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-router-rhel9:2.4.3-7 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-service-controller-rhel9:1.4.7-3 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-site-controller-rhel9:1.4.7-3 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-config-sync-rhel9:1.4.7-2 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-flow-collector-rhel9:1.4.7-2 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-operator-bundle:1.4.7-2 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-router-rhel9:2.4.3-6 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-service-controller-rhel9:1.4.7-2 | * |
Service Interconnect 1.4 for RHEL 9 | RedHat | service-interconnect/skupper-site-controller-rhel9:1.4.7-2 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-config-sync-rhel9:1.5.5-4 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-controller-podman-container-rhel9:1.5.5-4 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-controller-podman-rhel9:1.5.5-4 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-flow-collector-rhel9:1.5.5-4 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-operator-bundle:1.5.5-4 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-router-rhel9:2.5.3-6 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-service-controller-rhel9:1.5.5-4 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-site-controller-rhel9:1.5.5-4 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-config-sync-rhel9:1.5.5-3 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-controller-podman-container-rhel9:1.5.5-3 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-controller-podman-rhel9:1.5.5-3 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-flow-collector-rhel9:1.5.5-3 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-operator-bundle:1.5.5-3 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-router-rhel9:2.5.3-5 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-service-controller-rhel9:1.5.5-3 | * |
Service Interconnect 1 for RHEL 9 | RedHat | service-interconnect/skupper-site-controller-rhel9:1.5.5-3 | * |
Python-pip | Ubuntu | esm-apps/bionic | * |
Python-pip | Ubuntu | esm-apps/focal | * |
Python-pip | Ubuntu | esm-apps/xenial | * |
Python-pip | Ubuntu | esm-infra-legacy/trusty | * |
Python-pip | Ubuntu | focal | * |
Python-pip | Ubuntu | trusty/esm | * |
Python-setuptools | Ubuntu | esm-apps/focal | * |
Python-setuptools | Ubuntu | esm-apps/jammy | * |
Python-setuptools | Ubuntu | esm-infra-legacy/trusty | * |
Python-setuptools | Ubuntu | esm-infra/bionic | * |
Python-setuptools | Ubuntu | esm-infra/xenial | * |
Python-setuptools | Ubuntu | focal | * |
Python-setuptools | Ubuntu | jammy | * |
Python-setuptools | Ubuntu | trusty/esm | * |
Setuptools | Ubuntu | esm-infra/focal | * |
Setuptools | Ubuntu | focal | * |
Setuptools | Ubuntu | jammy | * |
Setuptools | Ubuntu | noble | * |
Setuptools | Ubuntu | upstream | * |