EulerOS 2.0 SP11 : python-wheel (EulerOS-SA-2023-1767)

According to the versions of the python-wheel package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via...

EulerOS 2.0 SP11 : python-wheel (EulerOS-SA-2023-1789)

According to the versions of the python-wheel package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via...

Security Bulletin: Python Packaging Authority (PyPA) Wheel is vulnerable to CVE-2022-40898 used in IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses Python Packaging Authority PyPA Wheel which is vulnerable to CVE-2022-40898. Vulnerability Details CVEID:CVE-2022-40898 DESCRIPTION: Python Packaging Authority PyPA Wheel is vulnerable to a denial of service. A remote attacker could exploit this...

Gaining an Advantage in Roulette

You can beat the game without a computer: On a perfect roulette wheel, the ball would always fall in a random way. But over time, wheels develop flaws, which turn into patterns. A wheel thats even marginally tilted could develop what Barnett called a drop zone. When the tilt forces the ball to...

EulerOS 2.0 SP8 : python-wheel (EulerOS-SA-2023-1608)

According to the versions of the python-wheel package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via...

Huawei EulerOS: Security Advisory for python-wheel (EulerOS-SA-2023-1608)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0516-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0088-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : python-wheel (SUSE-SU-2023:0088-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0088-2 advisory. - An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via...

SUSE-SU-2023:0088-2 Security update for python-wheel

This update for python-wheel fixes the following issues: - CVE-2022-40898: Fixed an excessive use of CPU that could be triggered via a crafted regular expression bsc1206670...

USN-5821-4 python-pip regression

USN-5821-3 fixed a vulnerability in pip. The update introduced a minor regression in Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Sebastian Chnelik discovered that wheel incorrectly handled...

USN-5821-3 python-pip regression

USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately, it was missing a commit to fix it properly in pip. We apologize for the inconvenience. Original advisory details: Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : pip regression (USN-5821-3)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5821-3 advisory. USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately, it was missing a commit to fix it properly in pip. We...

SUSE-SU-2023:0516-2 Security update for python-pip

This update for python-pip fixes the following issues: - Add wheel subpackage with the generated wheel for this package bsc1176262, CVE-2019-20916. - Make wheel a separate build run to avoid the setuptools/wheel build cycle. - Switch this package to use update-alternatives for all files in %bindi...

SUSE CVE-2011-4945

PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which allows local users in the wheel group to gain root privileges without authentication...

SUSE CVE-2019-3827

An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...

SUSE CVE-2021-25282

An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillarroots.write method is vulnerable to directory traversal...

SUSE CVE-2022-40898

An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...

CVE-2022-40898

An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in PyPA Wheel

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of PyPA Wheel. Vulnerability Details CVEID:CVE-2022-40898 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially...