CVE-2025-47273HIGHCVSS 7.7fixed in 78.1.12025-05-17
CVE-2025-47273 [HIGH] CWE-22 CVE-2025-47273: setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code
nvd