VYPR

rpm package

opensuse/python-wheel&distro=openSUSE Leap 15.6

pkg:rpm/opensuse/python-wheel&distro=openSUSE%20Leap%2015.6

Vulnerabilities (3)

  • CVE-2026-24049Jan 22, 2026
    affected < 0.42.0-150600.3.3.1fixed 0.42.0-150600.3.3.1

    wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the fil

  • CVE-2023-28859Mar 26, 2023
    affected < 0.40.0-150400.13.7.4fixed 0.40.0-150400.13.7.4

    redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutio

  • CVE-2023-28858Mar 26, 2023
    affected < 0.40.0-150400.13.7.4fixed 0.40.0-150400.13.7.4

    redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT