1. PyPA Setuptools CVE-2024-6345: Critical RCE Flaw in Core Python Tooling
A critical vulnerability in the PyPA `setuptools` library, tracked as CVE-2024-6345, exposes millions of Python development environments and CI/CD pipelines to remote code execution. The flaw resides in the `package_index` module, where functions used to download packages from user-provided or index server URLs are vul...