
665 matches found

Tenable Nessus
added 2026/02/19 12:0 a.m. | 4 views

Amazon Linux 2023 : python3.12-wheel, python3.12-wheel-wheel (ALAS2023-2026-1410)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1410 advisory. wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.46.1 and below, the unpack function is vulnerable to file permission modification through...

7.1 CVSS | 6.5 AI score | 0.00278 EPSS
Exploits: 2 | References: 4

OSV
added 2026/02/18 10:11 a.m. | 5 views

RHSA-2026:2866 Red Hat Security Advisory: python3.12-wheel security update

Bulletin has no description...

7.1 CVSS | 5.1 AI score | 0.00278 EPSS
Exploits: 2 | References: 10

OSV
added 2026/02/18 10:11 a.m. | 4 views

RHSA-2026:2865 Red Hat Security Advisory: python-wheel security update

Bulletin has no description...

7.1 CVSS | 5.1 AI score | 0.00278 EPSS
Exploits: 2 | References: 10

RedHat Linux
added 2026/02/18 2:23 a.m. | 5 views

wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

A path traversal flaw has been discovered in the python wheel tool. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the...

7.1 CVSS | 6.3 AI score | 0.00278 EPSS
Exploits: 2 | References: 7

RedHat Linux
added 2026/02/18 2:23 a.m. | 6 views

Important: Red Hat Security Advisory: python3.12-wheel security update

An update for python3.12-wheel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.1 CVSS | 6.8 AI score | 0.00278 EPSS
Exploits: 2 | References: 2

RedHat Linux
added 2026/02/18 1:51 a.m. | 2 views

wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

A path traversal flaw has been discovered in the python wheel tool. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the...

7.1 CVSS | 6.3 AI score | 0.00278 EPSS
Exploits: 2 | References: 7

RedHat Linux
added 2026/02/18 1:51 a.m. | 5 views

Important: Red Hat Security Advisory: python-wheel security update

An update for python-wheel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

7.1 CVSS | 6.8 AI score | 0.00278 EPSS
Exploits: 2 | References: 2

Tenable Nessus
added 2026/02/18 12:0 a.m. | 2 views

RHEL 9 : python3.12-wheel (RHSA-2026:2866)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2866 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

7.1 CVSS | 7.5 AI score | 0.00278 EPSS
Exploits: 2 | References: 4

Amazon
added 2026/02/18 12:0 a.m. | 4 views

Important: python3.12-wheel

Issue Overview: wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.46.1 and below, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename...

7.1 CVSS | 6.5 AI score | 0.00278 EPSS
Exploits: 2

Tenable Nessus
added 2026/02/18 12:0 a.m. | 2 views

RHEL 10 : python-wheel (RHSA-2026:2865)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2865 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

7.1 CVSS | 7.5 AI score | 0.00278 EPSS
Exploits: 2 | References: 4

RedHat Linux
added 2026/02/17 3:39 p.m. | 8 views

wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

A path traversal flaw has been discovered in the python wheel tool. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the...

7.1 CVSS | 6.3 AI score | 0.00278 EPSS
Exploits: 2 | References: 7

OSV
added 2026/02/17 10:12 a.m. | 5 views

RHSA-2026:2710 Red Hat Security Advisory: python3.12-wheel security update

Bulletin has no description...

7.1 CVSS | 5.1 AI score | 0.00278 EPSS
Exploits: 2 | References: 10

OSV
added 2026/02/16 3:59 p.m. | 2 views

BIT-PIP-2026-1703 Limited path traversal when installing wheel archives

When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...

2 CVSS | 5.5 AI score | 0.0039 EPSS
Exploits: 1 | References: 4

IBM Security Bulletins
added 2026/02/16 3:12 p.m. | 15 views

Security Bulletin: File permission modification, improper access control, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency Service is vulnerable to file permission modification, improper access control, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool for manipulating Python wheel files, ...

8.8 CVSS | 8.9 AI score | 0.01495 EPSS
Exploits: 3 | Affected Software: 1

RedHat Linux
added 2026/02/16 10:46 a.m. | 5 views

wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

A path traversal flaw has been discovered in the python wheel tool. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the...

7.1 CVSS | 6.3 AI score | 0.00278 EPSS
Exploits: 2 | References: 7

RedHat Linux
added 2026/02/16 10:46 a.m. | 5 views

Important: Red Hat Security Advisory: python3.12-wheel security update

An update for python3.12-wheel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.1 CVSS | 6.8 AI score | 0.00278 EPSS
Exploits: 2 | References: 2

Tenable Nessus
added 2026/02/16 12:0 a.m. | 3 views

RHEL 9 : python3.12-wheel (RHSA-2026:2710)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2710 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

7.1 CVSS | 7.5 AI score | 0.00278 EPSS
Exploits: 2 | References: 4

Photon
added 2026/02/16 12:0 a.m. | 9 views

Important Photon OS Security Update - PHSA-2026-4.0-0963

Updates of 'python3-wheel' packages of Photon OS have been released...

7.5 CVSS | 5.5 AI score | 0.02659 EPSS
Exploits: 1

OpenVAS
added 2026/02/16 12:0 a.m. | 4 views

openSUSE Security Advisory (SUSE-SU-2026:0460-1)

The remote host is missing an update for the...

7.1 CVSS | 7.3 AI score | 0.00278 EPSS
Exploits: 2 | References: 4

OpenVAS
added 2026/02/16 12:0 a.m. | 4 views

SUSE: Security Advisory (SUSE-SU-2026:0460-1)

The remote host is missing an update for the...

7.1 CVSS | 7.3 AI score | 0.00278 EPSS
Exploits: 2 | References: 4