Vulnerabilities (Public)
Known vulnerabilities and security issues detected in the extension's dependencies and code.
| Vulnerability ID | Advisory | Severity | | | Affected Versions |
|---|---|---|---|---|---|
| CVE-2025-47273 | Affected versions of Setuptools are vulnerable to Path Traversal via PackageIndex.download(). The impact is Arbitrary File Overwrite: An attacker would be allowed to write files to arbitrary locations… | High | – | – | <78.1.1 |
| CVE-2024-6345 | Affected versions of Setuptools allow for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package i… | High | – | – | <70.0.0 |
| CVE-2022-40897 | Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or cu… | Medium | – | – | <65.5.1 |
| CVE-2013-1633 | Setuptools version 0.7 includes a fix for CVE-2013-1633: Easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package… | Medium | – | – | <0.7 |
Safety Discovered Vulnerabilities
Additional security issues found by Safety, exclusive to our platform.

