Safety vulnerability ID: 76752
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of Setuptools are vulnerable to Path Traversal via PackageIndex.download(). The impact is Arbitrary File Overwrite: An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to RCE depending on the context.
Latest version: 80.8.0
Easily download, build, install, upgrade, and uninstall Python packages
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application