
CVE-2022-40897
- Reference to the description:
- Description:
- Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
- Last updated date:
- 10/29/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 12/30/2022
- Reference URL to background:
- https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/