Closed SCH227 closed 7 months ago
Hello!
Latest version of auditwheel on PyPI is using the same vulnerable regex which was assigned CVE-2022-40898: https://inspector.pypi.io/project/auditwheel/5.4.0/packages/fa/47/fc8852c6deaadfdf57c58aefc8fed305fe998367b1b5e352dccd3ca5c36f/auditwheel-5.4.0-py3-none-any.whl/auditwheel/_vendor/wheel/wheelfile.py#line.18
This PR fixes the issue.
Is there an ETA for a patched release on PyPI?
Hello!
Latest version of auditwheel on PyPI is using the same vulnerable regex which was assigned CVE-2022-40898: https://inspector.pypi.io/project/auditwheel/5.4.0/packages/fa/47/fc8852c6deaadfdf57c58aefc8fed305fe998367b1b5e352dccd3ca5c36f/auditwheel-5.4.0-py3-none-any.whl/auditwheel/_vendor/wheel/wheelfile.py#line.18
This PR fixes the issue.
Is there an ETA for a patched release on PyPI?