VYPR

apk package

chainguard/py3.9-setuptools

pkg:apk/chainguard/py3.9-setuptools

Vulnerabilities (3)

  • CVE-2026-24049Jan 22, 2026
    affected < 80.10.2-r0fixed 80.10.2-r0

    wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the fil

  • CVE-2026-23949Jan 20, 2026
    affected < 80.10.2-r0fixed 80.10.2-r0

    jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow atta

  • CVE-2024-6345HigJul 15, 2024
    affected < 72.1.0-r0fixed 72.1.0-r0

    A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are suscepti