{"dataType": "CVE_RECORD", "containers": {"adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Moderate\"}"}}}], "affected": [{"vendor": "redhat", "product": "python-setuptools", "platforms": ["cpe:/o:redhat:enterprise_linux:6"], "defaultStatus": "affected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn't expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools. \n            Red Hat Product Security has rated this vulnerability \"Moderate\" based on the impact of the damage caused by a successful exploitation and the pre-requisites.\n\n* Exploitation requires that the attacker have limited code execution access to a Python environment where they can trigger the vulnerable PackageIndex.download() function—this might be via a script, plugin, or automated job. Full admin rights aren't needed but a user with no access at all will be unable to exploit this vulnerability.\n* The vulnerability impacts the integrity of the system within the same security boundary—it does not enable access or compromise across trust boundaries (e.g., from one container to another or from user space to kernel).\n* Successful exploitation only allows the attacker to \"create\" new files. The vulnerability does not provide access to existing files and by an extension to any confidential information. \n* Arbitrary file writes can overwrite critical config files, executables, or scripts. This can lead to persistent code execution, system misconfiguration, or unauthorized behavior, especially in automated environments. While overwriting critical files could theoretically lead to service disruption, the vulnerability in isolation does not inherently cause denial of service. The exploit doesn't target availability directly, and in many cases, systems may continue running.\n            Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-17T15:46:00Z", "x_subShortName": "redhat_6"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Moderate\"}"}}}], "affected": [{"vendor": "redhat", "product": "python38-setuptools", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "python38-setuptools-wheel", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "python39-setuptools", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "python39-setuptools-wheel", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "python3x-setuptools", "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "affected"}, {"vendor": "redhat", "product": "platform-python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+23441+1124c1da", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+21271+eccd1d86", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+23441+1124c1da", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+23441+1124c1da", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+23441+1124c1da", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+21815+bb024982", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+23441+1124c1da", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+23075+0aa18782.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-numpy-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-numpy-f2py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+21329+8d76b841", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pip-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+21329+8d76b841", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+21142+453d2b75", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-psycopg2-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+21142+453d2b75", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-psycopg2-tests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+21142+453d2b75", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pybind11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-pyyaml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+23441+1124c1da", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+23406+03055bfb", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+23406+03055bfb", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+23441+1124c1da", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+23441+1124c1da", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+20443+f0a692fe", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python39-wheel-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.9.0+19644+d68f775d", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:11036"}, {"url": "https://access.redhat.com/errata/RHSA-2025:11043"}, {"url": "https://access.redhat.com/errata/RHSA-2025:11044"}, {"url": "https://access.redhat.com/errata/RHSA-2025:14900"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn't expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools. \n            Red Hat Product Security has rated this vulnerability \"Moderate\" based on the impact of the damage caused by a successful exploitation and the pre-requisites.\n\n* Exploitation requires that the attacker have limited code execution access to a Python environment where they can trigger the vulnerable PackageIndex.download() function—this might be via a script, plugin, or automated job. Full admin rights aren't needed but a user with no access at all will be unable to exploit this vulnerability.\n* The vulnerability impacts the integrity of the system within the same security boundary—it does not enable access or compromise across trust boundaries (e.g., from one container to another or from user space to kernel).\n* Successful exploitation only allows the attacker to \"create\" new files. The vulnerability does not provide access to existing files and by an extension to any confidential information. \n* Arbitrary file writes can overwrite critical config files, executables, or scripts. This can lead to persistent code execution, system misconfiguration, or unauthorized behavior, especially in automated environments. While overwriting critical files could theoretically lead to service disruption, the vulnerability in isolation does not inherently cause denial of service. The exploit doesn't target availability directly, and in many cases, systems may continue running.\n            Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, {"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n\n* cpython: Cpython infinite loop when parsing a tarfile (CVE-2025-8194)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-17T15:46:00Z", "x_subShortName": "redhat_8"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"medium\"}"}}}], "affected": [{"vendor": "canonical", "product": "python-pip", "platforms": ["trusty"], "defaultStatus": "affected"}, {"vendor": "canonical", "product": "python-pip-whl", "platforms": ["trusty"], "defaultStatus": "affected"}, {"vendor": "canonical", "product": "python3-pip", "platforms": ["trusty"], "defaultStatus": "affected"}, {"vendor": "canonical", "product": "pypy-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.0.1-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["bionic"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "pypy-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.0.1-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["bionic"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:9.0.1-2.3~ubuntu1.18.04.8+esm8", "versionType": "custom"}], "platforms": ["bionic"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pip-whl", "versions": [{"status": "affected", "version": "0", "lessThan": "0:9.0.1-2.3~ubuntu1.18.04.8+esm8", "versionType": "custom"}], "platforms": ["bionic"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.0.1-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["bionic"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.0.1-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["bionic"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:9.0.1-2.3~ubuntu1.18.04.8+esm8", "versionType": "custom"}], "platforms": ["bionic"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.0.1-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["bionic"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.0.1-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["bionic"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "pypy-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.0.0-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["focal"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "pypy-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.0.0-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["focal"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pip-whl", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.0.2-5ubuntu1.11+esm4", "versionType": "custom"}], "platforms": ["focal"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.0.0-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["focal"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.0.0-2ubuntu0.1+esm2", "versionType": "custom"}], "platforms": ["focal"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.0.2-5ubuntu1.11+esm4", "versionType": "custom"}], "platforms": ["focal"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:45.2.0-1ubuntu0.3", "versionType": "custom"}], "platforms": ["focal"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:45.2.0-1ubuntu0.3", "versionType": "custom"}], "platforms": ["focal"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "pypy-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-1.2ubuntu0.22.04.1+esm2", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "pypy-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-1.2ubuntu0.22.04.1+esm2", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-1.2ubuntu0.22.04.1+esm2", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-1.2ubuntu0.22.04.1+esm2", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python2-setuptools-whl", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-1.2ubuntu0.22.04.1+esm2", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:59.6.0-1.2ubuntu0.22.04.3", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:59.6.0-1.2ubuntu0.22.04.3", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-setuptools-whl", "versions": [{"status": "affected", "version": "0", "lessThan": "0:59.6.0-1.2ubuntu0.22.04.3", "versionType": "custom"}], "platforms": ["jammy"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.1.2-2ubuntu1.2", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.1.2-2ubuntu1.2", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-setuptools-whl", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.1.2-2ubuntu1.2", "versionType": "custom"}], "platforms": ["noble"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3-1ubuntu2+esm3", "versionType": "custom"}], "platforms": ["trusty"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3-1ubuntu2+esm3", "versionType": "custom"}], "platforms": ["trusty"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-setuptools-whl", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3-1ubuntu2+esm3", "versionType": "custom"}], "platforms": ["trusty"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3-1ubuntu2+esm3", "versionType": "custom"}], "platforms": ["trusty"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3-1ubuntu2+esm3", "versionType": "custom"}], "platforms": ["trusty"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "pypy-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.7.0-1ubuntu0.1~esm3", "versionType": "custom"}], "platforms": ["xenial"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "pypy-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.7.0-1ubuntu0.1~esm3", "versionType": "custom"}], "platforms": ["xenial"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.1.1-2ubuntu0.6+esm12", "versionType": "custom"}], "platforms": ["xenial"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pip-whl", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.1.1-2ubuntu0.6+esm12", "versionType": "custom"}], "platforms": ["xenial"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.7.0-1ubuntu0.1~esm3", "versionType": "custom"}], "platforms": ["xenial"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.7.0-1ubuntu0.1~esm3", "versionType": "custom"}], "platforms": ["xenial"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.1.1-2ubuntu0.6+esm12", "versionType": "custom"}], "platforms": ["xenial"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.7.0-1ubuntu0.1~esm3", "versionType": "custom"}], "platforms": ["xenial"], "defaultStatus": "unaffected"}, {"vendor": "canonical", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.7.0-1ubuntu0.1~esm3", "versionType": "custom"}], "platforms": ["xenial"], "defaultStatus": "unaffected"}], "references": [{"url": "https://ubuntu.com/security/CVE-2025-47273"}, {"url": "https://ubuntu.com/security/notices/USN-7544-1"}, {"url": "https://ubuntu.com/security/notices/USN-8010-1"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "setuptools is a package that allows users to download, build, install,upgrade, and uninstall Python packages. A path traversal vulnerability in`PackageIndex` is present in setuptools prior to version 78.1.1. Anattacker would be allowed to write files to arbitrary locations on thefilesystem with the permissions of the process running the Python code,which could escalate to remote code execution depending on the context.Version 78.1.1 fixes the issue."}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2025-05-17T16:15:00Z", "x_subShortName": "canonical"}}, {"metrics": [{"other": {"type": "Unknown", "content": {"data": "{\"description\":\"not yet assigned\"}"}}}], "affected": [{"vendor": "debian", "product": "python-setuptools-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "66.1.1-1+deb12u2", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "66.1.1-1+deb12u2", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "66.1.1-1+deb12u2", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3-setuptools-whl", "versions": [{"status": "affected", "version": "0", "lessThan": "66.1.1-1+deb12u2", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python-setuptools-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "52.0.0-4+deb11u2", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "52.0.0-4+deb11u2", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "52.0.0-4+deb11u2", "versionType": "deb"}], "platforms": ["bullseye"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python-setuptools-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "78.1.1-0.1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3-pkg-resources", "versions": [{"status": "affected", "version": "0", "lessThan": "78.1.1-0.1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "78.1.1-0.1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "python3-setuptools-whl", "versions": [{"status": "affected", "version": "0", "lessThan": "78.1.1-0.1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-tracker.debian.org/tracker/CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue."}], "providerMetadata": {"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian", "dateUpdated": "2025-05-28T00:00:00.000Z", "x_subShortName": "debian"}}, {"credits": [{"lang": "en", "value": "packager@almalinux.org"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Moderate\"}"}}}], "affected": [{"vendor": "almalinux", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:10"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-47273", "name": "CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\n  * setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000001", "shortName": "almalinux", "dateUpdated": "2025-06-30T00:00:00Z", "x_subShortName": "alma_10"}}, {"credits": [{"lang": "en", "value": "packager@almalinux.org"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Moderate\"}"}}}], "affected": [{"vendor": "almalinux", "product": "platform-python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module_el8.10.0+3849+a48d89aa", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module_el8.10.0+3989+a618fe15.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-numpy-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-numpy-f2py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pip-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-psycopg2-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-psycopg2-tests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pybind11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-pyyaml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module_el8.9.0+3634+fb2a896c", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module_el8.9.0+3634+fb2a896c", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module_el8.10.0+4040+9207bbc0", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module_el8.10.0+3765+2f9a457d", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python39-wheel-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module_el8.6.0+2780+a40f65e1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:8"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-47273", "name": "CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\n  * setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}, {"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\n  * setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n  * cpython: Cpython infinite loop when parsing a tarfile (CVE-2025-8194)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000001", "shortName": "almalinux", "dateUpdated": "2025-07-15T00:00:00Z", "x_subShortName": "alma_8"}}, {"credits": [{"lang": "en", "value": "packager@almalinux.org"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Moderate\"}"}}}], "affected": [{"vendor": "almalinux", "product": "fence-agents-aliyun", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-all", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-amt-ws", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-apc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-apc-snmp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-aws", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-azure-arm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-bladecenter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-brocade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-cisco-mds", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-cisco-ucs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-common", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-compute", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-drac5", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-eaton-snmp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-emerson", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-eps", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-gce", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-heuristics-ping", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-hpblade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ibm-powervs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ibm-vpc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ibmblade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ifmib", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ilo-moonshot", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ilo-mp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ilo-ssh", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ilo2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-intelmodular", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ipdu", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-ipmilan", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-kdump", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-kubevirt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-lpar", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-mpath", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-openstack", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-redfish", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-rhevm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-rsa", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-rsb", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-sbd", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-scsi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-virsh", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-vmware-rest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-vmware-soap", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-wti", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-agents-zvm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-virt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-virtd", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-virtd-cpg", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-virtd-libvirt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-virtd-multicast", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-virtd-serial", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "fence-virtd-tcp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "ha-cloud-support", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:53.0.0-13.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:53.0.0-13.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.11-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}, {"vendor": "almalinux", "product": "python3.12-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:almalinux:almalinux:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-47273", "name": "CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\n  * setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}, {"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  \n\nSecurity Fix(es):  \n\n  * setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}, {"lang": "en", "value": "The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.   \n\nSecurity Fix(es):  \n\n  * setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000001", "shortName": "almalinux", "dateUpdated": "2025-07-07T00:00:00Z", "x_subShortName": "alma_9"}}, {"metrics": [{"other": {"type": "Unknown", "content": {"data": "{\"description\":\"medium\"}"}}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"unspecified\"}"}}}], "affected": [{"vendor": "fedora", "product": "mingw-python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:78.1.1-1.fc41", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:41"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "pypy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:7.3.20-2.fc41", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:41"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.2.0-10.fc41", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:41"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "mingw-python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:78.1.1-1.fc42", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:42"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "pypy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:7.3.20-2.fc42", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:42"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:74.1.3-7.fc42", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:42"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "pypy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:7.3.20-2.fc43", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:43"], "defaultStatus": "unaffected"}], "references": [{"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-1746085e78"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-1c17f3520b"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-9285942ac9"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-9b8da6ad7e"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-a37bf9ddbd"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-b2fa8a1954"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-db489d66e3"}], "descriptions": [{"lang": "en", "value": "mingw-python-setuptools: Path Traversal Vulnerability in setuptools PackageIndex"}, {"lang": "en", "value": "pypy: Path Traversal Vulnerability in setuptools PackageIndex"}, {"lang": "en", "value": "python-setuptools: Path Traversal Vulnerability in setuptools PackageIndex"}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2025-06-19T01:56:35Z", "x_subShortName": "fedora"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"MODERATE\"}"}}}], "affected": [{"vendor": "oraclelinux", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:10"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.9.8-7.0.3.el7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:7"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-10.0.5.el7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:7"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "platform-python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+90341+71ca88f4", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+90647+49247197.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-numpy-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-numpy-f2py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pip-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-psycopg2-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-psycopg2-tests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pybind11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-pyyaml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+90647+49247197", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+90269+2fa22b99", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python39-wheel-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.9.0+90016+9c2d6573", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:8"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-all", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-amt-ws", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-apc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-apc-snmp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-bladecenter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-brocade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-cisco-mds", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-cisco-ucs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-common", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-drac5", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-eaton-snmp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-emerson", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-eps", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-heuristics-ping", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-hpblade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ibm-powervs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ibm-vpc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ibmblade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ifmib", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ilo-moonshot", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ilo-mp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ilo-ssh", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ilo2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-intelmodular", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ipdu", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-ipmilan", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-kdump", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-kubevirt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-lpar", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-mpath", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-redfish", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-rhevm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-rsa", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-rsb", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-sbd", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-scsi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-virsh", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-vmware-rest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-vmware-soap", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "fence-agents-wti", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:53.0.0-13.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:53.0.0-13.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.11-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}, {"vendor": "oraclelinux", "product": "python3.12-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:oracle:linux:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://linux.oracle.com/cve/CVE-2025-47273.html"}], "descriptions": [{"lang": "en", "value": "setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue."}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000006", "shortName": "oraclelinux", "dateUpdated": "2025-06-30T00:00:00Z", "x_subShortName": "oraclelinux"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Moderate\"}"}}}], "affected": [{"vendor": "redhat", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-47273"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366982"}, {"url": "https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88"}, {"url": "https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b"}, {"url": "https://github.com/pypa/setuptools/issues/4946"}, {"url": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf"}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47273"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn't expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-17T15:46:11Z", "x_subShortName": "redhat_10"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Moderate\"}"}}}], "affected": [{"vendor": "redhat", "product": "fence-agents-aliyun", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-all", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-amt-ws", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-apc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-apc-snmp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-aws", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-azure-arm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-bladecenter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-brocade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-cisco-mds", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-cisco-ucs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-common", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-compute", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-drac5", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-eaton-snmp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-emerson", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-eps", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-gce", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-heuristics-ping", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-hpblade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ibm-powervs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ibm-vpc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ibmblade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ifmib", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ilo-moonshot", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ilo-mp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ilo-ssh", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ilo2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-intelmodular", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ipdu", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-ipmilan", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-kdump", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-kubevirt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-lpar", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-mpath", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-openstack", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-redfish", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-rhevm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-rsa", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-rsb", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-sbd", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-scsi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-virsh", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-vmware-rest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-vmware-soap", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-wti", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-agents-zvm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-virt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-virtd", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-virtd-cpg", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-virtd-libvirt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-virtd-multicast", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-virtd-serial", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "fence-virtd-tcp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "ha-cloud-support", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:53.0.0-13.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:53.0.0-13.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.11-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}, {"vendor": "redhat", "product": "python3.12-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:10407"}, {"url": "https://access.redhat.com/errata/RHSA-2025:11463"}, {"url": "https://access.redhat.com/errata/RHSA-2025:12834"}, {"url": "https://access.redhat.com/errata/RHSA-2025:13578"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"lang": "en", "value": "The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. \n\nSecurity Fix(es):\n\n* setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-17T15:46:00Z", "x_subShortName": "redhat_9"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Moderate\"}"}}}], "affected": [{"vendor": "rocky", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:69.0.3-12.el10_0", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:10"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "Cython-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "PyYAML", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "PyYAML-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1978+d4f111ba.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "numpy-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "platform-python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1592+61442852", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1910+234ad790", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-cffi-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1697+7e517775", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-cryptography-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1697+7e517775", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+1809+41195054", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module+el8.9.0+1332+dd574197", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-lxml-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-psutil-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-psycopg2-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.9.0+1418+f0d66789", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module+el8.9.0+1332+dd574197", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+1545+03246da9", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:39.2.0-9.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el8_10", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-Cython", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-Cython-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.29.21-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-PyMySQL", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.10.1-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-attrs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.3.0-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-cffi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-cffi-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.14.3-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-chardet", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.0.4-19.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-cryptography", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1697+7e517775", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-cryptography-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1697+7e517775", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.3.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-debug", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-idle", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-idna", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+1809+41195054", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.10-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-iniconfig", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.1.1-2.module+el8.9.0+1332+dd574197", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-libs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-lxml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-lxml-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.6.5-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-mod_wsgi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:4.7.1-7.module+el8.10.0+1978+d4f111ba.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-more-itertools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:8.5.0-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-numpy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-numpy-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-numpy-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-numpy-f2py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-packaging", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.4-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1721+e52d6351", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pip-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1721+e52d6351", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pluggy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.13.1-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-ply", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:3.11-10.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psutil", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psutil-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.8.0-4.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psycopg2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psycopg2-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psycopg2-doc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-psycopg2-tests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1660+b5b6f004", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.8.6-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-py", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.10.0-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pybind11", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pybind11-devel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.7.1-1.module+el8.9.0+1357+a3b80af7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pycparser", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.20-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pysocks", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.7.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pytest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:6.0.2-2.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pyyaml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-pyyaml-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-requests", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.25.0-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-rpm-macros", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-scipy-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-tkinter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:3.9.20-2.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-toml", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.10.1-5.module+el8.9.0+1332+dd574197", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-urllib3", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+1545+03246da9", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.25.10-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-wcwidth", "versions": [{"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:0.2.5-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python39-wheel-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "1:0.35.1-4.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3x-pip", "versions": [{"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1721+e52d6351", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:20.2.4-9.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3x-pyparsing", "versions": [{"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:2.4.7-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3x-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:50.3.2-7.module+el8.10.0+2057+30213a2b", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3x-six", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.15.0-3.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "scipy", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "scipy-debugsource", "versions": [{"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1582+bc278001", "versionType": "rpm"}, {"status": "affected", "version": "0", "lessThan": "0:1.5.4-5.module+el8.10.0+1860+afcc1c71", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:8"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-aliyun", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-all", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-amt-ws", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-apc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-apc-snmp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-aws", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-azure-arm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-bladecenter", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-brocade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-cisco-mds", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-cisco-ucs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-common", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-compute", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-drac5", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-eaton-snmp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-emerson", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-eps", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-gce", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-heuristics-ping", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-hpblade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ibm-powervs", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ibm-vpc", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ibmblade", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ifmib", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ilo-moonshot", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ilo-mp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ilo-ssh", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ilo2", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-intelmodular", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ipdu", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-ipmilan", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-kdump", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-kdump-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-kubevirt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-kubevirt-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-lpar", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-mpath", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-openstack", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-redfish", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-rhevm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-rsa", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-rsb", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-sbd", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-scsi", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-virsh", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-vmware-rest", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-vmware-soap", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-wti", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-agents-zvm", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virt-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-cpg", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-cpg-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-libvirt", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-libvirt-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-multicast", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-multicast-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-serial", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-serial-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-tcp", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "fence-virtd-tcp-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "ha-cloud-support", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "ha-cloud-support-debuginfo", "versions": [{"status": "affected", "version": "0", "lessThan": "0:4.10.0-86.el9_6.7", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:53.0.0-13.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:53.0.0-13.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:53.0.0-13.el9_6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.11-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:65.5.1-4.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}, {"vendor": "rocky", "product": "python3.12-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.2.2-5.el9_6", "versionType": "rpm"}], "platforms": ["cpe:/o:rocky:rocky:9"], "defaultStatus": "unaffected"}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366982"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2384043"}], "descriptions": [{"lang": "en", "value": "setuptools: Path Traversal Vulnerability in setuptools PackageIndex (CVE-2025-47273)"}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000004", "shortName": "rocky", "dateUpdated": "2025-07-29T13:38:26Z", "x_subShortName": "rocky"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "suse", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-150400.9.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-setuptools-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-150400.9.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-150400.9.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:67.7.2-150400.3.19.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-public-cloud:15:sp4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp4", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles-ltss:15:sp5", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles:15:sp5", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_sap:15:sp5", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7", "cpe:/o:suse:sles_teradata:15:sp4", "cpe:/o:suse:suse-manager-proxy:4.3", "cpe:/o:suse:suse-manager-retail-branch-server:4.3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python310-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:67.6.1-150400.4.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:23.4", "cpe:/o:suse:oes-release:24.4", "cpe:/o:suse:sles-ltss:15:sp4", "cpe:/o:suse:sles:15:sp4", "cpe:/o:suse:sles_sap:15:sp4", "cpe:/o:suse:sles_teradata:15:sp4"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:72.1.0-150700.3.3.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.1.2-150600.3.6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python2-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:40.5.0-150100.6.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:40.5.0-150100.6.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp2", "cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-setuptools-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:40.5.0-150100.6.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:40.5.0-150100.6.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python39-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-150300.7.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sles-ltss:15:sp3", "cpe:/o:suse:sles:15:sp3", "cpe:/o:suse:sles_sap:15:sp3"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "SUSE bug 1243313"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273", "name": "Mitre CVE-2025-47273"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001770.html", "name": "RHSA-2025:10407"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001806.html", "name": "RHSA-2025:11036"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001794.html", "name": "RHSA-2025:11043"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001795.html", "name": "RHSA-2025:11044"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001828.html", "name": "RHSA-2025:11463"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001919.html", "name": "RHSA-2025:11607"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001886.html", "name": "RHSA-2025:11984"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001872.html", "name": "RHSA-2025:12834"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001908.html", "name": "RHSA-2025:13578"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001954.html", "name": "RHSA-2025:14900"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2026-April/005039.html", "name": "RHSA-2025:9940"}, {"url": "https://www.suse.com/security/cve/CVE-2025-47273", "name": "SUSE CVE-2025-47273"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039333.html", "name": "SUSE-SU-2025:01693-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039332.html", "name": "SUSE-SU-2025:01695-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039345.html", "name": "SUSE-SU-2025:01704-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040145.html", "name": "SUSE-SU-2025:01704-2"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039348.html", "name": "SUSE-SU-2025:01709-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039372.html", "name": "SUSE-SU-2025:01715-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039363.html", "name": "SUSE-SU-2025:01723-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020926.html", "name": "SUSE-SU-2025:01744-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039471.html", "name": "SUSE-SU-2025:01774-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040131.html", "name": "SUSE-SU-2025:01810-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040335.html", "name": "SUSE-SU-2025:20412-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040651.html", "name": "SUSE-SU-2025:20462-1"}], "descriptions": [{"lang": "en", "value": "\n    setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue.\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-05-27T00:00:00Z", "x_subShortName": "suse_server_15"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "suse", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-150400.9.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-setuptools-test", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-150400.9.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "0:44.1.1-150400.9.12.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-basesystem:15:sp6", "cpe:/o:suse:sle-module-basesystem:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python311-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:67.7.2-150400.3.19.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp6", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python313-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:72.1.0-150700.3.3.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:oes-release:25.4", "cpe:/o:suse:sle-module-python3:15:sp7", "cpe:/o:suse:sle_hpc:15:sp7", "cpe:/o:suse:sled:15:sp7", "cpe:/o:suse:sles:15:sp7", "cpe:/o:suse:sles_sap:15:sp7"], "defaultStatus": "unaffected"}, {"vendor": "suse", "product": "python312-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "0:68.1.2-150600.3.6.1", "versionType": "rpm"}], "platforms": ["cpe:/o:suse:sle-module-python3:15:sp6", "cpe:/o:suse:sle_hpc:15:sp6", "cpe:/o:suse:sled:15:sp6", "cpe:/o:suse:sles:15:sp6", "cpe:/o:suse:sles_sap:15:sp6"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "SUSE bug 1243313"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273", "name": "Mitre CVE-2025-47273"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001770.html", "name": "RHSA-2025:10407"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001806.html", "name": "RHSA-2025:11036"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001794.html", "name": "RHSA-2025:11043"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001795.html", "name": "RHSA-2025:11044"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001828.html", "name": "RHSA-2025:11463"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001919.html", "name": "RHSA-2025:11607"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001886.html", "name": "RHSA-2025:11984"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001872.html", "name": "RHSA-2025:12834"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001908.html", "name": "RHSA-2025:13578"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001954.html", "name": "RHSA-2025:14900"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2026-April/005039.html", "name": "RHSA-2025:9940"}, {"url": "https://www.suse.com/security/cve/CVE-2025-47273", "name": "SUSE CVE-2025-47273"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039333.html", "name": "SUSE-SU-2025:01693-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039332.html", "name": "SUSE-SU-2025:01695-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039345.html", "name": "SUSE-SU-2025:01704-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040145.html", "name": "SUSE-SU-2025:01704-2"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039348.html", "name": "SUSE-SU-2025:01709-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039372.html", "name": "SUSE-SU-2025:01715-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039363.html", "name": "SUSE-SU-2025:01723-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020926.html", "name": "SUSE-SU-2025:01744-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039471.html", "name": "SUSE-SU-2025:01774-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040131.html", "name": "SUSE-SU-2025:01810-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040335.html", "name": "SUSE-SU-2025:20412-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040651.html", "name": "SUSE-SU-2025:20462-1"}], "descriptions": [{"lang": "en", "value": "\n    setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue.\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-05-27T00:00:00Z", "x_subShortName": "suse_desktop_15"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "amazon", "product": "python-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "49.1.3-1.amzn2.0.6", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python2-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "41.2.0-4.amzn2.0.6", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "49.1.3-1.amzn2.0.6", "versionType": "rpm"}], "defaultStatus": "unaffected"}], "references": [{"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue."}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000000", "shortName": "alas", "dateUpdated": "2025-06-04T19:08:00Z", "x_subShortName": "alas_2"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "amazon", "product": "python3-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "59.6.0-2.amzn2023.0.6", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "59.6.0-2.amzn2023.0.6", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "65.5.1-2.amzn2023.0.7", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.11-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "65.5.1-2.amzn2023.0.7", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "68.2.2-4.amzn2023.0.3", "versionType": "rpm"}], "defaultStatus": "unaffected"}, {"vendor": "amazon", "product": "python3.12-setuptools-wheel", "versions": [{"status": "affected", "version": "0", "lessThan": "68.2.2-4.amzn2023.0.3", "versionType": "rpm"}], "defaultStatus": "unaffected"}], "references": [{"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue."}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000000", "shortName": "alas", "dateUpdated": "2025-06-04T19:08:00Z", "x_subShortName": "alas_2023"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"HIGH\"}"}}}], "affected": [{"vendor": "pypi", "product": "setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "78.1.1", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml"}, {"url": "https://github.com/pypa/setuptools"}, {"url": "https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88"}, {"url": "https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b"}, {"url": "https://github.com/pypa/setuptools/issues/4946"}, {"url": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html"}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "### Summary \nA path traversal vulnerability in `PackageIndex` was fixed in setuptools version 78.1.1\n\n### Details\n```\n    def _download_url(self, url, tmpdir):\n        # Determine download filename\n        #\n        name, _fragment = egg_info_for_url(url)\n        if name:\n            while '..' in name:\n                name = name.replace('..', '.').replace('\\\\', '_')\n        else:\n            name = \"__downloaded__\"  # default if URL has no path contents\n\n        if name.endswith('.[egg.zip](http://egg.zip/)'):\n            name = name[:-4]  # strip the extra .zip before download\n\n -->       filename = os.path.join(tmpdir, name)\n```\n\nHere: https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88\n\n`os.path.join()` discards the first argument `tmpdir` if the second begins with a slash or drive letter.\n`name` is derived from a URL without sufficient sanitization. While there is some attempt to sanitize by replacing instances of '..' with '.', it is insufficient.\n\n### Risk Assessment\nAs easy_install and package_index are deprecated, the exploitation surface is reduced.\nHowever, it seems this could be exploited in a similar fashion like https://github.com/advisories/GHSA-r9hx-vwmv-q579, and as described by POC 4 in https://github.com/advisories/GHSA-cx63-2mw6-8hw5 report: via malicious URLs present on the pages of a package index.\n\n### Impact\nAn attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to RCE depending on the context.\n\n### References\nhttps://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5\nhttps://github.com/pypa/setuptools/issues/4946"}, {"lang": "en", "value": "setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write"}, {"lang": "en", "value": "setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue."}], "providerMetadata": {"orgId": "28c92f92-d60d-412d-b760-e73465c3df22", "shortName": "pypi", "dateUpdated": "2025-05-17T16:15:19Z", "x_subShortName": "pypi"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "Unknown", "content": {"data": "{\"description\":\"Important\"}"}}}], "affected": [{"vendor": "unknown", "product": "unknown", "defaultStatus": "unknown"}], "solutions": [{"lang": "en", "value": "SUSE bug 1243313"}], "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273", "name": "Mitre CVE-2025-47273"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001770.html", "name": "RHSA-2025:10407"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001806.html", "name": "RHSA-2025:11036"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001794.html", "name": "RHSA-2025:11043"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001795.html", "name": "RHSA-2025:11044"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-July/001828.html", "name": "RHSA-2025:11463"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001919.html", "name": "RHSA-2025:11607"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001886.html", "name": "RHSA-2025:11984"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001872.html", "name": "RHSA-2025:12834"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001908.html", "name": "RHSA-2025:13578"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-August/001954.html", "name": "RHSA-2025:14900"}, {"url": "https://lists.suse.com/pipermail/suse-liberty-linux-updates/2026-April/005039.html", "name": "RHSA-2025:9940"}, {"url": "https://www.suse.com/security/cve/CVE-2025-47273", "name": "SUSE CVE-2025-47273"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039333.html", "name": "SUSE-SU-2025:01693-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039332.html", "name": "SUSE-SU-2025:01695-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039345.html", "name": "SUSE-SU-2025:01704-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040145.html", "name": "SUSE-SU-2025:01704-2"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039348.html", "name": "SUSE-SU-2025:01709-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039372.html", "name": "SUSE-SU-2025:01715-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039363.html", "name": "SUSE-SU-2025:01723-1"}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020926.html", "name": "SUSE-SU-2025:01744-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039471.html", "name": "SUSE-SU-2025:01774-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040131.html", "name": "SUSE-SU-2025:01810-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040335.html", "name": "SUSE-SU-2025:20412-1"}, {"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040651.html", "name": "SUSE-SU-2025:20462-1"}], "descriptions": [{"lang": "en", "value": "\n    setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue.\n    "}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2025-05-24T00:00:00Z", "x_subShortName": "suse_server_12"}}, {"affected": [{"vendor": "unknown", "product": "unknown", "defaultStatus": "unknown"}], "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"}], "descriptions": [{"lang": "en", "value": "not defined"}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2000-01-01T00:00:00Z", "x_subShortName": "redhat_7"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:2.3:a:python:setuptools:*:*:*:*:*:*:*:*"], "vendor": "python", "product": "setuptools", "versions": [{"status": "affected", "version": "0", "lessThan": "78.1.1", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*"], "vendor": "debian", "product": "debian_linux", "versions": [{"status": "affected", "version": "11.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/pypa/setuptools/issues/4946", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf", "tags": ["exploit", "vendor-advisory"]}, {"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html", "tags": ["mailing-list"]}, {"url": "https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b", "tags": ["patch"]}, {"url": "https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue."}, {"lang": "es", "value": "setuptools es un paquete que permite a los usuarios descargar, compilar, instalar, actualizar y desinstalar paquetes de Python. Una vulnerabilidad de path traversal en `PackageIndex` está presente en setuptools anteriores a la versión 78.1.1. Un atacante podría escribir archivos en ubicaciones arbitrarias del sistema de archivos con los permisos del proceso que ejecuta el código Python, lo que podría escalar a la ejecución remota de código según el contexto. La versión 78.1.1 corrige el problema."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-22", "description": "CWE-22"}]}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000003", "shortName": "nvd", "dateUpdated": "2025-05-17T16:15:19Z", "x_subShortName": "nvd"}}}, "cveMetadata": {"cveId": "CVE-2025-47273", "state": "PUBLISHED", "dateUpdated": "2025-06-12T16:29:01Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-05-17T16:15:19Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.0"}