665 matches found
AZL-76496 CVE-2026-1703 affecting package python-virtualenv 20.26.6-2
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
CVE-2026-1703
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
CVE-2026-1703
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
UBUNTU-CVE-2026-1703
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
EUVD-2026-5106
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
CVE-2026-1703 Limited path traversal when installing wheel archives
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
CVE-2026-1703 Limited path traversal when installing wheel archives
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
CVE-2026-1703
CVE-2026-1703 describes a path traversal in wheel extraction during pip install. When parsing a malicious wheel, files may be extracted outside the installation directory, but the traversal is limited to prefixes of the installation directory and is not able to inject/overwrite executable files i...
CVE-2026-1703
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
CVE-2026-1703
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
OPENSUSE-SU-2026:20147-1 Security update for python-wheel
This update for python-wheel fixes the following issues: - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100...
SUSE-SU-2026:20217-1 Security update for python-wheel
This update for python-wheel fixes the following issues: - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100...
Linux Distros Unpatched Vulnerability : CVE-2026-1703
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is...
pip 安全漏洞
pip is a Python package installer developed by the Python Packaging Authority. There is a security vulnerability in pip, which stems from potential path traversal when installing maliciously crafted wheel archives, potentially leading to files being extracted outside of the installation directory...
Fedora: Security Advisory (FEDORA-2026-78d626bfca)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-3d31544140)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-28a177c207)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-ce64e86fd8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 42 Update: mingw-python-wheel-0.46.3-1.fc42
MinGW Windows Python wheel library...
[SECURITY] Fedora 42 Update: python-wheel-0.45.1-5.fc42
This is a command line tool for manipulating Python wheel files, as defined in PEP 427. It contains the following functionality: - Convert .egg archives into .whl. - Unpack wheel archives. - Repack wheel archives. - Add or remove tags in existing wheel archives...