On a bright morning in a small town, birdsong filled the air. The cool breeze made the atmosphere of this cozy day even more comfortable.
When I tried to roll out my first AI product, built with Python Flask to summarize a long text into an executive report, for the first time, I found an issue: a vulnerability with a high severity score had been reported. That vulnerability was in setuptools. I tried to find out what setuptools actually is.
In simple terms, setuptools is a Python library that helps you package and distribute Python projects. With it, a project can define its metadata, manage its dependencies, and build installable packages.
Have you ever run pip install to install a package locally? That is something setuptools makes possible. So this library is a crucial tool for making a Python project build and work properly.
CVE-2025-47273, titled Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), was published on 17 May 2025 and modified on 28 May 2025. The impact of this vulnerability is that an attacker could write files anywhere on the system with the same access level as the Python program. Under those conditions it might even let them run malicious code remotely, depending on the situation.
The root cause of the finding is that the official Docker image still ships the old setuptools version 65.5.1. To solve this problem we need to upgrade it to version 78.1.1.
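An added example (not from the original post) of the check I would put in a build pipeline for this: a small POSIX sh script that compares an installed setuptools version against 78.1.1, the fixed release named above, and prints the upgrade command when the image is still on an affected version. The version strings 65.5.1 and 78.1.1 come from the post; the function names and the plain X.Y.Z version format are assumptions of this example.

```shell
#!/bin/sh
# Added example: detect a setuptools version affected by CVE-2025-47273
# and print the remediation. Fixed version is the one named in the post.
FIXED_SETUPTOOLS="78.1.1"

# version_lt A B -> exit status 0 when A < B.
# Assumption: plain dotted numeric versions (X, X.Y or X.Y.Z); no rc/dev tags.
version_lt() {
    lhs="$1.0.0"   # pad so fields 1..3 always exist
    rhs="$2.0.0"
    i=1
    while [ "$i" -le 3 ]; do
        x=$(printf '%s' "$lhs" | cut -d. -f"$i")
        y=$(printf '%s' "$rhs" | cut -d. -f"$i")
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        i=$((i + 1))
    done
    return 1   # versions are equal, so not "less than"
}

# setuptools_needs_upgrade VERSION -> 0 when VERSION is below the fixed release.
setuptools_needs_upgrade() {
    version_lt "$1" "$FIXED_SETUPTOOLS"
}

# remediation_for VERSION -> prints what to do for that installed version.
remediation_for() {
    if setuptools_needs_upgrade "$1"; then
        printf 'setuptools %s is affected by CVE-2025-47273; run: pip install --upgrade "setuptools>=%s"\n' \
            "$1" "$FIXED_SETUPTOOLS"
    else
        printf 'setuptools %s is at or above %s; no action needed\n' "$1" "$FIXED_SETUPTOOLS"
    fi
}

# Query the interpreter inside the image (requires python3 with setuptools installed).
installed_setuptools_version() {
    python3 -c 'import setuptools; print(setuptools.__version__)'
}

# Stand-alone demo on the version the post found in the official image.
# In a Dockerfile the fix is the equivalent line:
#   RUN pip install --no-cache-dir --upgrade "setuptools>=78.1.1"
remediation_for "65.5.1"
```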