python-wheel vulnerabilities

Known vulnerabilities in the python-wheel package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M CVE-2024-8088	<1:0.35.1-4.module+el8.10.0+1860+afcc1c71
M CVE-2024-6923	<1:0.35.1-4.module+el8.10.0+1860+afcc1c71
M Arbitrary Code Injection	<1:0.35.1-4.module+el8.10.0+1860+afcc1c71
M CVE-2024-4032	<1:0.35.1-4.module+el8.10.0+1860+afcc1c71
M Cross-site Scripting (XSS)	<1:0.31.1-3.module+el8.9.0+1531+a18208f5
M XML External Entity (XXE) Injection	<1:0.31.1-3.module+el8.9.0+1531+a18208f5
M Use After Free	<1:0.31.1-3.module+el8.9.0+1531+a18208f5
H Arbitrary Command Injection	<1:0.31.1-3.module+el8.10.0+1592+61442852
M Inefficient Regular Expression Complexity	<1:0.35.1-4.module+el8.10.0+1582+bc278001
H CVE-2024-3651	<1:0.35.1-4.module+el8.10.0+1582+bc278001
H CVE-2024-0450	<1:0.35.1-4.module+el8.10.0+1582+bc278001
H CVE-2023-6597	<1:0.35.1-4.module+el8.10.0+1582+bc278001
M CVE-2023-43804	<1:0.31.1-3.module+el8.9.0+1531+a18208f5
M Improper Input Validation	<1:0.35.1-4.module+el8.10.0+1582+bc278001
M Improper Check for Unusual or Exceptional Conditions	<1:0.35.1-4.module+el8.10.0+1582+bc278001
M Inefficient Regular Expression Complexity	<1:0.31.1-3.module+el8.9.0+1531+a18208f5
H Improper Input Validation	<0:0.33.6-6.module+el8.5.0+672+ab6eb015
M Directory Traversal	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M CRLF Injection	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M CRLF Injection	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M CVE-2019-16056	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Improper Certificate Validation	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M CRLF Injection	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Improper Input Validation	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M CVE-2018-20060	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Insufficiently Protected Credentials	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Arbitrary Command Injection	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Cross-site Scripting (XSS)	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Deserialization of Untrusted Data	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Directory Traversal	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Resource Exhaustion	<0:0.33.6-5.module+el8.4.0+570+c2eaf144
M Improper Input Validation	<0:0.33.6-5.module+el8.4.0+570+c2eaf144
M Use of Insufficiently Random Values	<0:0.33.6-5.module+el8.4.0+570+c2eaf144
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Deserialization of Untrusted Data	<0:0.33.6-5.module+el8.4.0+570+c2eaf144
M CVE-2021-3572	<1:0.35.1-4.module+el8.5.0+673+10283621
M Directory Traversal	<1:0.35.1-4.module+el8.5.0+673+10283621
M Resource Exhaustion	<1:0.35.1-4.module+el8.5.0+673+10283621
M CVE-2021-29921	<1:0.35.1-4.module+el8.5.0+673+10283621
M Improper Input Validation	<0:0.33.6-5.module+el8.4.0+570+c2eaf144
M Buffer Overflow	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Cross-site Scripting (XSS)	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Arbitrary Code Injection	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Double Free	<0:0.33.6-6.module+el8.5.0+672+ab6eb015
M Arbitrary Code Injection	<1:0.31.1-2.module+el8.3.0+120+426d8baf
M Directory Traversal	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Cross-site Scripting (XSS)	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Inefficient Regular Expression Complexity	<1:0.31.1-3.module+el8.5.0+671+195e4563
M HTTP Request Smuggling	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:0.31.1-3.module+el8.5.0+671+195e4563
M CVE-2021-20095	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Resource Exhaustion	<1:0.31.1-3.module+el8.5.0+671+195e4563
M CVE-2020-27619	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Arbitrary Code Injection	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Arbitrary Code Injection	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Unchecked Return Value	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Resource Exhaustion	<1:0.31.1-3.module+el8.5.0+671+195e4563
M Resource Exhaustion	<1:0.31.1-3.module+el8.5.0+671+195e4563
H CVE-2022-42919	<1:0.35.1-4.module+el8.5.0+673+10283621

Vulnerability

Vulnerable Version

CVE-2024-8088

<1:0.35.1-4.module+el8.10.0+1860+afcc1c71

CVE-2024-6923

<1:0.35.1-4.module+el8.10.0+1860+afcc1c71

Arbitrary Code Injection

<1:0.35.1-4.module+el8.10.0+1860+afcc1c71

CVE-2024-4032

<1:0.35.1-4.module+el8.10.0+1860+afcc1c71

Cross-site Scripting (XSS)

<1:0.31.1-3.module+el8.9.0+1531+a18208f5

XML External Entity (XXE) Injection

<1:0.31.1-3.module+el8.9.0+1531+a18208f5

Use After Free

<1:0.31.1-3.module+el8.9.0+1531+a18208f5

Arbitrary Command Injection

<1:0.31.1-3.module+el8.10.0+1592+61442852

Inefficient Regular Expression Complexity

<1:0.35.1-4.module+el8.10.0+1582+bc278001

CVE-2024-3651

<1:0.35.1-4.module+el8.10.0+1582+bc278001

CVE-2024-0450

<1:0.35.1-4.module+el8.10.0+1582+bc278001

CVE-2023-6597

<1:0.35.1-4.module+el8.10.0+1582+bc278001

CVE-2023-43804

<1:0.31.1-3.module+el8.9.0+1531+a18208f5

Improper Input Validation

<1:0.35.1-4.module+el8.10.0+1582+bc278001

Improper Check for Unusual or Exceptional Conditions

<1:0.35.1-4.module+el8.10.0+1582+bc278001

Inefficient Regular Expression Complexity

<1:0.31.1-3.module+el8.9.0+1531+a18208f5

Improper Input Validation

<0:0.33.6-6.module+el8.5.0+672+ab6eb015

Directory Traversal

<1:0.31.1-2.module+el8.3.0+120+426d8baf

CRLF Injection

<1:0.31.1-2.module+el8.3.0+120+426d8baf

CRLF Injection

<1:0.31.1-2.module+el8.3.0+120+426d8baf

CVE-2019-16056

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Improper Certificate Validation

<1:0.31.1-2.module+el8.3.0+120+426d8baf

CRLF Injection

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Improper Input Validation

<1:0.31.1-2.module+el8.3.0+120+426d8baf

CVE-2018-20060

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Insufficiently Protected Credentials

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Arbitrary Command Injection

<1:0.31.1-3.module+el8.5.0+671+195e4563

Cross-site Scripting (XSS)

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Deserialization of Untrusted Data

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Directory Traversal

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Resource Exhaustion

<0:0.33.6-5.module+el8.4.0+570+c2eaf144

Improper Input Validation

<0:0.33.6-5.module+el8.4.0+570+c2eaf144

Use of Insufficiently Random Values

<0:0.33.6-5.module+el8.4.0+570+c2eaf144

Loop with Unreachable Exit Condition ('Infinite Loop')

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Deserialization of Untrusted Data

<0:0.33.6-5.module+el8.4.0+570+c2eaf144

CVE-2021-3572

<1:0.35.1-4.module+el8.5.0+673+10283621

Directory Traversal

<1:0.35.1-4.module+el8.5.0+673+10283621

Resource Exhaustion

<1:0.35.1-4.module+el8.5.0+673+10283621

CVE-2021-29921

<1:0.35.1-4.module+el8.5.0+673+10283621

Improper Input Validation

<0:0.33.6-5.module+el8.4.0+570+c2eaf144

Buffer Overflow

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Cross-site Scripting (XSS)

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Arbitrary Code Injection

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Double Free

<0:0.33.6-6.module+el8.5.0+672+ab6eb015

Arbitrary Code Injection

<1:0.31.1-2.module+el8.3.0+120+426d8baf

Directory Traversal

<1:0.31.1-3.module+el8.5.0+671+195e4563

Cross-site Scripting (XSS)

<1:0.31.1-3.module+el8.5.0+671+195e4563

Inefficient Regular Expression Complexity

<1:0.31.1-3.module+el8.5.0+671+195e4563

HTTP Request Smuggling

<1:0.31.1-3.module+el8.5.0+671+195e4563

Loop with Unreachable Exit Condition ('Infinite Loop')

<1:0.31.1-3.module+el8.5.0+671+195e4563

CVE-2021-20095

<1:0.31.1-3.module+el8.5.0+671+195e4563

Resource Exhaustion

<1:0.31.1-3.module+el8.5.0+671+195e4563

CVE-2020-27619

<1:0.31.1-3.module+el8.5.0+671+195e4563

Arbitrary Code Injection

<1:0.31.1-3.module+el8.5.0+671+195e4563

Arbitrary Code Injection

<1:0.31.1-3.module+el8.5.0+671+195e4563

Unchecked Return Value

<1:0.31.1-3.module+el8.5.0+671+195e4563

Resource Exhaustion

<1:0.31.1-3.module+el8.5.0+671+195e4563

Resource Exhaustion

<1:0.31.1-3.module+el8.5.0+671+195e4563

CVE-2022-42919

<1:0.35.1-4.module+el8.5.0+673+10283621

python-wheel vulnerabilities

Direct Vulnerabilities

How to fix?