You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are working on Python 3.10 and found vulnerable version of setuptools package which is setuptools-65.5.0.
We did see Python 3.10 already has a fix for setuptools package and updated version of setuptools package which is setuptools-65.5.1. Though while doing analysis, we found the traces of vulnerable version inside ensurepip folder.
Please refer absolute file paths highlighted by blue in attached screenshot :
We are working on Python 3.10 and found vulnerable version of setuptools package which is setuptools-65.5.0.
We did see Python 3.10 already has a fix for setuptools package and updated version of setuptools package which is setuptools-65.5.1. Though while doing analysis, we found the traces of vulnerable version inside
ensurepipfolder.Please refer absolute file paths highlighted by blue in attached screenshot :
Vulnerability reference : GHSA-r9hx-vwmv-q579
CC: @samruddhikhandale, @eljog, @gauravsaini04