Package impact
PyPI / setuptools
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-1633 | medium | — | 6.8 | 4y ago | easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to e… | |||
| CVE-2025-47273 | medium | — | 5.5 | 1y ago | RHSA-2025:14900: python39:3.9 security update (Moderate) | |||
| CVE-2022-40897 | medium | — | 5.5 | 3y ago | RHSA-2024:2987: python27:2.7 security update (Moderate) |