Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk:Medium] setuptools Regular Expression Denial of Service (Due 08/12/2024 ) #6269

Closed
1 task
pkfec opened this issue May 16, 2024 · 1 comment
Closed
1 task

[Snyk:Medium] setuptools Regular Expression Denial of Service (Due 08/12/2024 ) #6269

pkfec opened this issue May 16, 2024 · 1 comment
Labels
Security: moderate Remediate within 60 days Work: Back-end
Milestone
25.6

Comments

@pkfec
Copy link
Contributor

pkfec commented May 16, 2024

Regular Expression Denial of Service ReDoS in [email protected]

Introduced through:

introduced by [email protected] > [email protected] > [email protected]

Remediation:

Pin [email protected] to [email protected]

Completion criteria:

  • Pin setuptools to version [email protected] and verify snyk cli no longer flags setuptools as vulnerable package
@pkfec pkfec added Work: Back-end Security: moderate Remediate within 60 days labels May 16, 2024
@pkfec pkfec added this to the 25.6 milestone May 16, 2024
@pkfec pkfec moved this to 🗄️ PI backlog in Website project May 16, 2024
This was referenced May 16, 2024
Closed
Closed
This was referenced May 29, 2024
Closed
Closed
@pkfec pkfec mentioned this issue Jun 12, 2024
Closed
2 tasks
@pkfec pkfec mentioned this issue Jun 20, 2024
Closed
3 tasks
This was referenced Jun 26, 2024
Closed
Closed
@fec-jli
Copy link
Contributor

fec-jli commented Jul 10, 2024

Check log Spirnt 25.1 week 1, this vulnerability not exist, so close this.

@fec-jli fec-jli closed this as completed Jul 10, 2024
@github-project-automation github-project-automation bot moved this from 🗄️ PI backlog to ✅ Done in Website project Jul 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Security: moderate Remediate within 60 days Work: Back-end
Projects
Website project
Status: ✅ Done
Milestone
25.6
Development

No branches or pull requests
2 participants
@pkfec @fec-jli