Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in wheel-0.45.1-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in wheel-0.45.1-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function...

Security Bulletin: Vulnerability in wheel affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in wheel has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

Astra Linux - уязвимость в wheel

An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...

USN-8221-1: wheel vulnerability

It was discovered that wheel did not correctly handle certain file paths. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to execute arbitrary code...

Ubuntu 24.04 LTS : wheel vulnerability (USN-8221-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8221-1 advisory. It was discovered that wheel did not correctly handle certain file paths. If a user or automated system were tricked into opening a specially crafted file, an...

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool...

Security Bulletin: Vulnerability in wheel affects IBM Netezza Appliance

Summary The wheel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2026-24049 Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.28 security and extras update

Red Hat OpenShift Container Platform release 4.19.28 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a security impact of...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.37 security and extras update

Red Hat OpenShift Container Platform release 4.18.37 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.9 security and extras update

Red Hat OpenShift Container Platform release 4.21.9 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a security impact of...

CVE-2026-34591

Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process. It is reachable from untrusted package...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses wheel dependency which is vulnerable to CVE-2026-24049.

Summary IBM Maximo Application Suite - Visual Inspection Component uses wheel dependency which is vulnerable to CVE-2026-24049. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool...

Security Bulletin: Vulnerabilities in wheel affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in wheel has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a...

Important: python3.12-wheel

Issue Overview: wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.46.1 and below, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename...

RockyLinux 10 : python-wheel (RLSA-2026:1902)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1902 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

AlmaLinux 8 : python3.12-wheel (ALSA-2026:2090)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2090 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

Important: python3.13-wheel

Issue Overview: wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.46.1 and below, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename...

RHEL 9 : python3.12-wheel (RHSA-2026:1939)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1939 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

RockyLinux 9 : python3.12-wheel (RLSA-2026:1939)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1939 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

Amazon Linux 2023 : python3.13-wheel, python3.13-wheel-wheel (ALAS2023-2026-1414)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1414 advisory. wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.46.1 and below, the unpack function is vulnerable to file permission modification through...