CVE-2025-47273 – Setuptools Remote Code Execution via Path Traversal

May 17, 2025

CVE ID : CVE-2025-47273

Published : May 17, 2025, 4:15 p.m. | 30 minutes ago

Description : setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4830 – TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

Next Article CVE-2025-47931 – LibreNMS Stored Cross-Site Scripting (XSS) Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

Save $400 on the best Samsung TVs, laptops, tablets, and more when you sign up for Verizon 5G Home or Home Internet

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

Big Changes at Meteor Software: Our Next Chapter

Apps in Generative AI – Transforming the Digital Experience

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

CVE-2025-47273 – Setuptools Remote Code Execution via Path Traversal

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Google DeepMind Introduces Med-Gemini: A Groundbreaking Family of AI Models Revolutionizing Medical Diagnosis and Clinical Reasoning

CVE-2025-1993 – IBM App Connect Enterprise Certified Container Cryptographic Weakness

CVE-2025-21453 – Adobe Flash Memory Corruption Vulnerability

20+ Best YouTube Channel Premiere Pro Templates

Researchers Identify Working Method to Exploit GitHub Artifacts to Hack Major Projects

10 Free and Open Source Game Engines – Part 3

Benchmarking Node’s recent performance enhancements

Steam games won’t make you watch unskippable ads for health bars or XP anymore

CVE-2025-47273 – Setuptools Remote Code Execution via Path Traversal

Related Posts