2372613 – CVE-2025-47273 python-setuptools: Path Traversal Vulnerability in setuptools PackageIndex [fedora-41]

Bug 2372613 - CVE-2025-47273 python-setuptools: Path Traversal Vulnerability in setuptools PackageIndex [fedora-41]

Summary: CVE-2025-47273 python-setuptools: Path Traversal Vulnerability in setuptools ...

Keywords:
Status:	MODIFIED
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	python-setuptools
Sub Component:
Version:	41
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Miro Hrončok
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	{"flaws": ["32f39b7a-9fbc-4e9e-a33c-b...
Depends On:
Blocks:	CVE-2025-47273
TreeView+	depends on / blocked

Reported:	2025-06-13 06:57 UTC by Kamil Dudka
Modified:	2025-06-16 12:55 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Fedora Package Sources	python-setuptools pull-request 129	0	None	None	None	2025-06-14 18:24:44 UTC

Description Kamil Dudka 2025-06-13 06:57:22 UTC

More information about this security flaw is available in the following bug:

https://bugzilla.redhat.com/show_bug.cgi?id=2366982

Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

Comment 1 Fedora Update System 2025-06-16 12:55:04 UTC

FEDORA-2025-1746085e78 (python-setuptools-69.2.0-10.fc41) has been submitted as an update to Fedora 41.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-1746085e78

Note You need to log in before you can comment on or make changes to this bug.