You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please update the security advisory status after evaluating. Publish the advisory
once it has been verified (since it has been created in draft mode).
Description
Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
A new security advisory was open in this repository. See https://github.com/ansys/pyansys-tools-report/security/advisories/GHSA-2q8c-5fcp-rq86.
NOTE
Please update the security advisory status after evaluating. Publish the advisory
once it has been verified (since it has been created in draft mode).
Description
Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
More information
Visit https://pyup.io/v/52495/f17 to find out more information.
The text was updated successfully, but these errors were encountered: