Red Hat Security Advisory: python39:3.9 security update
A path traversal vulnerability (CVE-2025-47273) was identified in the setuptools PackageIndex component of the python39:3. 9 module on Red Hat Enterprise Linux 8. 8. This vulnerability could allow unauthorized file system access via crafted inputs. Red Hat has issued a security advisory (RHSA-2025:15408) rating the impact as moderate and providing updated packages to address the issue. The advisory references official update instructions and package versions to remediate the vulnerability. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
The vulnerability CVE-2025-47273 affects the setuptools PackageIndex in the python39:3.9 module on Red Hat Enterprise Linux 8.8. It is a path traversal issue (CWE-22) that could potentially allow an attacker to access files outside the intended directory structure. Red Hat Product Security has released an update to python39:3.9 that fixes this vulnerability. The advisory RHSA-2025:15408 provides details on the affected packages and instructions for applying the update. No CVSS score is provided, but the severity is rated as moderate by Red Hat.
Potential Impact
The path traversal vulnerability could allow unauthorized access to files on the system where the vulnerable setuptools PackageIndex is used. This may lead to information disclosure or other impacts depending on the context of usage. However, there are no known exploits in the wild currently. The severity is assessed as moderate by Red Hat.
Mitigation Recommendations
Red Hat has released an official security update for python39:3.9 to address CVE-2025-47273. Users should apply the updated packages as described in the Red Hat advisory RHSA-2025:15408 and the update instructions at https://access.redhat.com/articles/11258. Since this is an official fix, applying the update fully mitigates the vulnerability. Patch status is confirmed by the vendor advisory.
Red Hat Security Advisory: python39:3.9 security update
Description
A path traversal vulnerability (CVE-2025-47273) was identified in the setuptools PackageIndex component of the python39:3. 9 module on Red Hat Enterprise Linux 8. 8. This vulnerability could allow unauthorized file system access via crafted inputs. Red Hat has issued a security advisory (RHSA-2025:15408) rating the impact as moderate and providing updated packages to address the issue. The advisory references official update instructions and package versions to remediate the vulnerability. No known exploits are reported in the wild at this time.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2025-47273 affects the setuptools PackageIndex in the python39:3.9 module on Red Hat Enterprise Linux 8.8. It is a path traversal issue (CWE-22) that could potentially allow an attacker to access files outside the intended directory structure. Red Hat Product Security has released an update to python39:3.9 that fixes this vulnerability. The advisory RHSA-2025:15408 provides details on the affected packages and instructions for applying the update. No CVSS score is provided, but the severity is rated as moderate by Red Hat.
Potential Impact
The path traversal vulnerability could allow unauthorized access to files on the system where the vulnerable setuptools PackageIndex is used. This may lead to information disclosure or other impacts depending on the context of usage. However, there are no known exploits in the wild currently. The severity is assessed as moderate by Red Hat.
Mitigation Recommendations
Red Hat has released an official security update for python39:3.9 to address CVE-2025-47273. Users should apply the updated packages as described in the Red Hat advisory RHSA-2025:15408 and the update instructions at https://access.redhat.com/articles/11258. Since this is an official fix, applying the update fully mitigates the vulnerability. Patch status is confirmed by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:15408
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a1f4e87e29bf47b50081895
Added to database: 6/2/2026, 9:43:35 PM
Last enriched: 6/2/2026, 10:11:25 PM
Last updated: 6/3/2026, 5:02:46 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.