{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9900?format=json","vulnerability_id":"VCID-12sa-qzjz-2ya9","summary":"An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.","aliases":[{"alias":"CVE-2022-40898"},{"alias":"GHSA-qwmp-2cf2-g9g6"},{"alias":"PYSEC-2022-43017"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942688?format=json","purl":"pkg:deb/debian/wheel@0.38.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wheel@0.38.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942687?format=json","purl":"pkg:deb/debian/wheel@0.38.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wheel@0.38.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1055261?format=json","purl":"pkg:deb/debian/wheel@0.38.4-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wheel@0.38.4-2"},{"url":"http://public2.vulnerablecode.io/api/packages/942690?format=json","purl":"pkg:deb/debian/wheel@0.46.1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fm8w-bycx-4yex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wheel@0.46.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942689?format=json","purl":"pkg:deb/debian/wheel@0.46.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wheel@0.46.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077506?format=json","purl":"pkg:deb/debian/wheel@0.47.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wheel@0.47.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/30964?format=json","purl":"pkg:pypi/wheel@0.38.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.38.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1055260?format=json","purl":"pkg:deb/debian/wheel@0.34.2-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wheel@0.34.2-1"},{"url":"http://public2.vulnerablecode.io/api/packages/942686?format=json","purl":"pkg:deb/debian/wheel@0.34.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wheel@0.34.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/30885?format=json","purl":"pkg:pypi/wheel@0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30887?format=json","purl":"pkg:pypi/wheel@0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/30889?format=json","purl":"pkg:pypi/wheel@0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/30890?format=json","purl":"pkg:pypi/wheel@0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/30891?format=json","purl":"pkg:pypi/wheel@0.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30892?format=json","purl":"pkg:pypi/wheel@0.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/30893?format=json","purl":"pkg:pypi/wheel@0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/30894?format=json","purl":"pkg:pypi/wheel@0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/30896?format=json","purl":"pkg:pypi/wheel@0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/30898?format=json","purl":"pkg:pypi/wheel@0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/30900?format=json","purl":"pkg:pypi/wheel@0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/30901?format=json","purl":"pkg:pypi/wheel@0.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30902?format=json","purl":"pkg:pypi/wheel@0.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/30903?format=json","purl":"pkg:pypi/wheel@0.9.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.9.3"},{"url":"http://public2.vulnerablecode.io/api/packages/30904?format=json","purl":"pkg:pypi/wheel@0.9.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.9.4"},{"url":"http://public2.vulnerablecode.io/api/packages/30905?format=json","purl":"pkg:pypi/wheel@0.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/30906?format=json","purl":"pkg:pypi/wheel@0.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/30907?format=json","purl":"pkg:pypi/wheel@0.9.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.9.7"},{"url":"http://public2.vulnerablecode.io/api/packages/30908?format=json","purl":"pkg:pypi/wheel@0.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30910?format=json","purl":"pkg:pypi/wheel@0.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30911?format=json","purl":"pkg:pypi/wheel@0.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.10.2"},{"url":"http://public2.vulnerablecode.io/api/packages/30912?format=json","purl":"pkg:pypi/wheel@0.10.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.10.3"},{"url":"http://public2.vulnerablecode.io/api/packages/30913?format=json","purl":"pkg:pypi/wheel@0.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30914?format=json","purl":"pkg:pypi/wheel@0.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.12.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30916?format=json","purl":"pkg:pypi/wheel@0.13.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.13.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30917?format=json","purl":"pkg:pypi/wheel@0.14.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.14.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30918?format=json","purl":"pkg:pypi/wheel@0.15.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.15.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30919?format=json","purl":"pkg:pypi/wheel@0.16.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.16.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30920?format=json","purl":"pkg:pypi/wheel@0.17.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.17.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30921?format=json","purl":"pkg:pypi/wheel@0.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.18.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30922?format=json","purl":"pkg:pypi/wheel@0.19.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.19.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30924?format=json","purl":"pkg:pypi/wheel@0.21.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.21.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30925?format=json","purl":"pkg:pypi/wheel@0.22.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.22.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30926?format=json","purl":"pkg:pypi/wheel@0.23.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.23.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30927?format=json","purl":"pkg:pypi/wheel@0.24.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.24.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30928?format=json","purl":"pkg:pypi/wheel@0.25.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.25.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30929?format=json","purl":"pkg:pypi/wheel@0.26.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.26.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30930?format=json","purl":"pkg:pypi/wheel@0.27.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.27.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30931?format=json","purl":"pkg:pypi/wheel@0.28.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.28.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30932?format=json","purl":"pkg:pypi/wheel@0.29.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.29.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30933?format=json","purl":"pkg:pypi/wheel@0.30.0a0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.30.0a0"},{"url":"http://public2.vulnerablecode.io/api/packages/30935?format=json","purl":"pkg:pypi/wheel@0.30.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.30.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30936?format=json","purl":"pkg:pypi/wheel@0.31.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.31.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30937?format=json","purl":"pkg:pypi/wheel@0.31.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.31.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30938?format=json","purl":"pkg:pypi/wheel@0.32.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.32.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30939?format=json","purl":"pkg:pypi/wheel@0.32.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.32.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30940?format=json","purl":"pkg:pypi/wheel@0.32.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.32.2"},{"url":"http://public2.vulnerablecode.io/api/packages/30942?format=json","purl":"pkg:pypi/wheel@0.32.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.32.3"},{"url":"http://public2.vulnerablecode.io/api/packages/30943?format=json","purl":"pkg:pypi/wheel@0.33.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.33.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30945?format=json","purl":"pkg:pypi/wheel@0.33.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.33.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30946?format=json","purl":"pkg:pypi/wheel@0.33.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.33.4"},{"url":"http://public2.vulnerablecode.io/api/packages/30947?format=json","purl":"pkg:pypi/wheel@0.33.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.33.5"},{"url":"http://public2.vulnerablecode.io/api/packages/30948?format=json","purl":"pkg:pypi/wheel@0.33.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.33.6"},{"url":"http://public2.vulnerablecode.io/api/packages/30949?format=json","purl":"pkg:pypi/wheel@0.34.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.34.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30950?format=json","purl":"pkg:pypi/wheel@0.34.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.34.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30951?format=json","purl":"pkg:pypi/wheel@0.34.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.34.2"},{"url":"http://public2.vulnerablecode.io/api/packages/30953?format=json","purl":"pkg:pypi/wheel@0.35.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.35.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30955?format=json","purl":"pkg:pypi/wheel@0.35.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.35.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30956?format=json","purl":"pkg:pypi/wheel@0.36.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.36.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30958?format=json","purl":"pkg:pypi/wheel@0.36.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.36.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30960?format=json","purl":"pkg:pypi/wheel@0.36.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.36.2"},{"url":"http://public2.vulnerablecode.io/api/packages/30961?format=json","purl":"pkg:pypi/wheel@0.37.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.37.0"},{"url":"http://public2.vulnerablecode.io/api/packages/30962?format=json","purl":"pkg:pypi/wheel@0.37.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.37.1"},{"url":"http://public2.vulnerablecode.io/api/packages/30963?format=json","purl":"pkg:pypi/wheel@0.38.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/wheel@0.38.0"},{"url":"http://public2.vulnerablecode.io/api/packages/97383?format=json","purl":"pkg:rpm/redhat/python-wheel@1:0.36.2-8?arch=el9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-wheel@1:0.36.2-8%3Farch=el9"},{"url":"http://public2.vulnerablecode.io/api/packages/95640?format=json","purl":"pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1?arch=el9_5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"},{"vulnerability":"VCID-61xa-2pun-n3c9"},{"vulnerability":"VCID-9rmn-3anf-fqcm"},{"vulnerability":"VCID-qatb-my8j-b3hr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1%3Farch=el9_5"},{"url":"http://public2.vulnerablecode.io/api/packages/97384?format=json","purl":"pkg:rpm/redhat/rh-python38-python-wheel@0.33.6-9?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-12sa-qzjz-2ya9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python38-python-wheel@0.33.6-9%3Farch=el7"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40898.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40898.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40898","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36678","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37059","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37073","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.371","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37134","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37124","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37199","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3711","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37228","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37045","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37101","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37119","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38254","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38244","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38175","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3829","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38382","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38407","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38166","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40898"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/wheel/PYSEC-2022-43017.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/wheel/PYSEC-2022-43017.yaml"},{"reference_url":"https://github.com/pypa/wheel","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/wheel"},{"reference_url":"https://github.com/pypa/wheel/blob/main/src/wheel/wheelfile.py#L18","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:53:45Z/"}],"url":"https://github.com/pypa/wheel/blob/main/src/wheel/wheelfile.py#L18"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40898","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40898"},{"reference_url":"https://pypi.org/project/wheel","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/wheel"},{"reference_url":"https://pypi.org/project/wheel/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:53:45Z/"}],"url":"https://pypi.org/project/wheel/"},{"reference_url":"https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages"},{"reference_url":"https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:53:45Z/"}],"url":"https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/"},{"reference_url":"https://pyup.io/vulnerabilities/CVE-2022-40898/51499","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pyup.io/vulnerabilities/CVE-2022-40898/51499"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2165864","reference_id":"2165864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2165864"},{"reference_url":"https://github.com/advisories/GHSA-qwmp-2cf2-g9g6","reference_id":"GHSA-qwmp-2cf2-g9g6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qwmp-2cf2-g9g6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6712","reference_id":"RHSA-2023:6712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6793","reference_id":"RHSA-2023:6793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10761","reference_id":"RHSA-2024:10761","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10761"},{"reference_url":"https://usn.ubuntu.com/5821-1/","reference_id":"USN-5821-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5821-1/"},{"reference_url":"https://usn.ubuntu.com/5821-3/","reference_id":"USN-5821-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5821-3/"},{"reference_url":"https://usn.ubuntu.com/USN-5821-2/","reference_id":"USN-USN-5821-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5821-2/"}],"weaknesses":[{"cwe_id":1333,"name":"Inefficient Regular Expression Complexity","description":"The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles."},{"cwe_id":400,"name":"Uncontrolled Resource Consumption","description":"The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"4.3 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-12sa-qzjz-2ya9"}