VYPR

PyPI package

wheel

pkg:pypi/wheel

Vulnerabilities (2)

  • CVE-2026-24049Jan 22, 2026
    affected >= 0.40.0, < 0.46.2fixed 0.46.2

    wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the fil

  • CVE-2022-40898Dec 22, 2022
    affected < 0.38.1fixed 0.38.1

    An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.