A high-severity remote-code-execution flaw in the widely used Python packaging library pypa/setuptools — tracked as CVE-2024-6345 — lets attackers turn crafted package URLs into arbitrary command execution on affected systems; the bug affects setuptools versions up to 69.1.1 and was corrected in...
