Package impact
PyPI / setuptools
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2013-1633 | medium | — | 6.8 | 4y ago | easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to e… | |
| CVE-2025-47273 | medium | — | 5.5 | 1y ago | Moderate: fence-agents security update | |
| CVE-2022-40897 | medium | — | 5.5 | 3y ago | Moderate: python-setuptools security update |