Published: 23/12/2022 Updated: 30/12/2022

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and previous versions allows remote malicious users to cause a denial of service via attacker controlled input to wheel cli.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wheel project wheel

Synopsis Moderate: python-wheel security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for python-wheel is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as h ...

An issue discovered in Python Packaging Authority (PyPA) Wheel 0371 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli (CVE-2022-40898) ...

multiple-branches CVE-2022-40898 is present in branch with vuln commit

NVD-CWE-noinfo https://pypi.org/project/wheel/https://github.com/pypa/wheel/blob/main/src/wheel/wheelfile.py#L18 https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/https://access.redhat.com/errata/RHSA-2023:6712 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2362.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-40898

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect