VYPR

apk package

wolfi/py3.10-setuptools

pkg:apk/wolfi/py3.10-setuptools

Vulnerabilities (2)

  • CVE-2026-24049Jan 22, 2026
    affected < 80.10.2-r0fixed 80.10.2-r0

    wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the fil

  • CVE-2026-23949Jan 20, 2026
    affected < 80.10.1-r0fixed 80.10.1-r0

    jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow atta