VYPR

apk package

chainguard/pip-zipapp

pkg:apk/chainguard/pip-zipapp

Vulnerabilities (1)

  • CVE-2026-24049Jan 22, 2026
    affected < 26.0.1-r0fixed 26.0.1-r0

    wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the fil