CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
Security Advisory Description
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py. (CVE-2022-40897)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Vendor | Product | Version | CPE |
---|---|---|---|
f5 | big-ip_next_central_manager | 20.2.0 | cpe:2.3:a:f5:big-ip_next_central_manager:20.2.0:*:*:*:*:*:*:* |
f5 | big-ip_next_central_manager | 20.2.1 | cpe:2.3:a:f5:big-ip_next_central_manager:20.2.1:*:*:*:*:*:*:* |
f5 | big-ip_next | 1.1.0 | cpe:2.3:a:f5:big-ip_next:1.1.0:*:*:*:*:*:*:* |
f5 | big-ip_next | 1.1.1 | cpe:2.3:a:f5:big-ip_next:1.1.1:*:*:*:*:*:*:* |
f5 | big-ip_next | 1.2.0 | cpe:2.3:a:f5:big-ip_next:1.2.0:*:*:*:*:*:*:* |
f5 | big-ip_next | 1.2.1 | cpe:2.3:a:f5:big-ip_next:1.2.1:*:*:*:*:*:*:* |
f5 | big-ip_next | 1.3.0 | cpe:2.3:a:f5:big-ip_next:1.3.0:*:*:*:*:*:*:* |
f5 | big-ip_next | 1.3.1 | cpe:2.3:a:f5:big-ip_next:1.3.1:*:*:*:*:*:*:* |
f5 | big-ip_ltm | 20.2.0 | cpe:2.3:a:f5:big-ip_ltm:20.2.0:*:*:*:*:*:*:* |
f5 | big-ip_ltm | 20.2.1 | cpe:2.3:a:f5:big-ip_ltm:20.2.1:*:*:*:*:*:*:* |