Python Setuptools Library Security Update Advisory (CVE-2024-6345)

Jul 18 2024

Overview

An update has been released to address vulnerabilities in the Python Setuptools library. Users of the affected versions are advised to upgrade to the latest version.

Affected Products

CVE-2024-6345

pypa/setuptools version: ~ 69.1.1 (inclusive)

Resolved Vulnerabilities

Vulnerability in package_index module that may allow remote code execution via the download function (CVE-2024-6345)

Vulnerability Patches

Vulnerability patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-6345

pypa/setuptools version: 70.0

Referenced Sites

[1] CVE-2024-6345 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-6345

[2] Remote code execution via download functions in the package_index module in pypa/setuptools

https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5

Python Setuptools Library Security Update Advisory (CVE-2024-6345)

Atlassian Family July 2024 Security Update Advisory

Google Chrome Browser (126.0.6478.182/183) Security Update Advisory

Tags:

Atlassian Family July 2024 Security Update Advisory

Google Chrome Browser (126.0.6478.182/183) Security Update Advisory