Summary
A vulnerability in the package_index module of pypa/setuptools versions allows for remote code execution via its download functions. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.
Products Potentially Affected
|
OS/Product
|
Exposure
|
|
ExtremeCloud IQ - Site Engine (XIQ-SE)
|
No
|
Repair Recommendations
Please see the full security advisory article here for more details and updates.
