cvelistv5 - cve-2025-8869

CVE-2025-8869 (GCVE-0-2025-8869)

Vulnerability from cvelistv5

Published

2025-09-24 14:56

Modified

2025-10-16 19:48

Severity ?

5.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Summary

When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706. Note that this is a vulnerability in pip's fallback implementation of tar extraction for Python versions that don't implement PEP 706 and therefore are not secure to all vulnerabilities in the Python 'tarfile' module. If you're using a Python version that implements PEP 706 then pip doesn't use the "vulnerable" fallback code. Mitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python >=3.9.17, >=3.10.12, >=3.11.4, or >=3.12), applying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice.

References

URL

Tags

	cna@python.org	https://github.com/pypa/pip/pull/13550
	cna@python.org	https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/

Impacted products

	Vendor	Product	Version
	Python Packaging Authority	pip	Version: 0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8869",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-16T19:47:29.080800Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-16T19:48:16.755Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pypi.org/project/pip",
          "defaultStatus": "unaffected",
          "packageName": "pip",
          "product": "pip",
          "repo": "https://github.com/pypa/pip",
          "vendor": "Python Packaging Authority",
          "versions": [
            {
              "lessThan": "25.3",
              "status": "affected",
              "version": "0",
              "versionType": "python"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn\u0027t implement PEP 706.\u003cbr\u003eNote that upgrading pip to a \"fixed\" version for this vulnerability doesn\u0027t fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706.\u003cbr\u003e\u003cbr\u003eNote that this is a vulnerability in pip\u0027s fallback implementation of tar extraction for Python versions that don\u0027t implement PEP 706\u003cbr\u003eand therefore are not secure to all vulnerabilities in the Python \u0027tarfile\u0027 module. If you\u0027re using a Python version that implements PEP 706\u003cbr\u003ethen pip doesn\u0027t use the \"vulnerable\" fallback code.\u003cbr\u003e\u003cbr\u003eMitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python \u0026gt;=3.9.17, \u0026gt;=3.10.12, \u0026gt;=3.11.4, or \u0026gt;=3.12),\u003cbr\u003eapplying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice."
            }
          ],
          "value": "When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn\u0027t implement PEP 706.\nNote that upgrading pip to a \"fixed\" version for this vulnerability doesn\u0027t fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706.\n\nNote that this is a vulnerability in pip\u0027s fallback implementation of tar extraction for Python versions that don\u0027t implement PEP 706\nand therefore are not secure to all vulnerabilities in the Python \u0027tarfile\u0027 module. If you\u0027re using a Python version that implements PEP 706\nthen pip doesn\u0027t use the \"vulnerable\" fallback code.\n\nMitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python \u003e=3.9.17, \u003e=3.10.12, \u003e=3.11.4, or \u003e=3.12),\napplying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-24T14:57:34.790Z",
        "orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
        "shortName": "PSF"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/pypa/pip/pull/13550"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Fallback tar extraction in pip doesn\u0027t check symbolic links point to extraction directory",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
    "assignerShortName": "PSF",
    "cveId": "CVE-2025-8869",
    "datePublished": "2025-09-24T14:56:56.027Z",
    "dateReserved": "2025-08-11T15:55:10.199Z",
    "dateUpdated": "2025-10-16T19:48:16.755Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-8869\",\"sourceIdentifier\":\"cna@python.org\",\"published\":\"2025-09-24T15:15:41.293\",\"lastModified\":\"2025-09-24T18:11:24.520\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn\u0027t implement PEP 706.\\nNote that upgrading pip to a \\\"fixed\\\" version for this vulnerability doesn\u0027t fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706.\\n\\nNote that this is a vulnerability in pip\u0027s fallback implementation of tar extraction for Python versions that don\u0027t implement PEP 706\\nand therefore are not secure to all vulnerabilities in the Python \u0027tarfile\u0027 module. If you\u0027re using a Python version that implements PEP 706\\nthen pip doesn\u0027t use the \\\"vulnerable\\\" fallback code.\\n\\nMitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python \u003e=3.9.17, \u003e=3.10.12, \u003e=3.11.4, or \u003e=3.12),\\napplying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@python.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"references\":[{\"url\":\"https://github.com/pypa/pip/pull/13550\",\"source\":\"cna@python.org\"},{\"url\":\"https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/\",\"source\":\"cna@python.org\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-8869\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-16T19:47:29.080800Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-24T16:01:10.593Z\"}}], \"cna\": {\"title\": \"Fallback tar extraction in pip doesn\u0027t check symbolic links point to extraction directory\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 5.9, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/pypa/pip\", \"vendor\": \"Python Packaging Authority\", \"product\": \"pip\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"25.3\", \"versionType\": \"python\"}], \"packageName\": \"pip\", \"collectionURL\": \"https://pypi.org/project/pip\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/pypa/pip/pull/13550\", \"tags\": [\"patch\"]}, {\"url\": \"https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn\u0027t implement PEP 706.\\nNote that upgrading pip to a \\\"fixed\\\" version for this vulnerability doesn\u0027t fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706.\\n\\nNote that this is a vulnerability in pip\u0027s fallback implementation of tar extraction for Python versions that don\u0027t implement PEP 706\\nand therefore are not secure to all vulnerabilities in the Python \u0027tarfile\u0027 module. If you\u0027re using a Python version that implements PEP 706\\nthen pip doesn\u0027t use the \\\"vulnerable\\\" fallback code.\\n\\nMitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python \u003e=3.9.17, \u003e=3.10.12, \u003e=3.11.4, or \u003e=3.12),\\napplying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn\u0027t implement PEP 706.\u003cbr\u003eNote that upgrading pip to a \\\"fixed\\\" version for this vulnerability doesn\u0027t fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706.\u003cbr\u003e\u003cbr\u003eNote that this is a vulnerability in pip\u0027s fallback implementation of tar extraction for Python versions that don\u0027t implement PEP 706\u003cbr\u003eand therefore are not secure to all vulnerabilities in the Python \u0027tarfile\u0027 module. If you\u0027re using a Python version that implements PEP 706\u003cbr\u003ethen pip doesn\u0027t use the \\\"vulnerable\\\" fallback code.\u003cbr\u003e\u003cbr\u003eMitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python \u0026gt;=3.9.17, \u0026gt;=3.10.12, \u0026gt;=3.11.4, or \u0026gt;=3.12),\u003cbr\u003eapplying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"28c92f92-d60d-412d-b760-e73465c3df22\", \"shortName\": \"PSF\", \"dateUpdated\": \"2025-09-24T14:57:34.790Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-8869\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-16T19:48:16.755Z\", \"dateReserved\": \"2025-08-11T15:55:10.199Z\", \"assignerOrgId\": \"28c92f92-d60d-412d-b760-e73465c3df22\", \"datePublished\": \"2025-09-24T14:56:56.027Z\", \"assignerShortName\": \"PSF\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2025-8869

Vulnerability from fkie_nvd

Published

2025-09-24 15:15

Modified

2025-09-24 18:11

Severity ?

5.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Summary

References

	URL	Tags
	cna@python.org	https://github.com/pypa/pip/pull/13550
	cna@python.org	https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn\u0027t implement PEP 706.\nNote that upgrading pip to a \"fixed\" version for this vulnerability doesn\u0027t fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706.\n\nNote that this is a vulnerability in pip\u0027s fallback implementation of tar extraction for Python versions that don\u0027t implement PEP 706\nand therefore are not secure to all vulnerabilities in the Python \u0027tarfile\u0027 module. If you\u0027re using a Python version that implements PEP 706\nthen pip doesn\u0027t use the \"vulnerable\" fallback code.\n\nMitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python \u003e=3.9.17, \u003e=3.10.12, \u003e=3.11.4, or \u003e=3.12),\napplying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice."
    }
  ],
  "id": "CVE-2025-8869",
  "lastModified": "2025-09-24T18:11:24.520",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "cna@python.org",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-09-24T15:15:41.293",
  "references": [
    {
      "source": "cna@python.org",
      "url": "https://github.com/pypa/pip/pull/13550"
    },
    {
      "source": "cna@python.org",
      "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/"
    }
  ],
  "sourceIdentifier": "cna@python.org",
  "vulnStatus": "Awaiting Analysis"
}

msrc_cve-2025-8869

Vulnerability from csaf_microsoft

Published

2025-09-02 00:00

Modified

2025-09-27 01:02

Summary

Fallback tar extraction in pip doesn't check symbolic links point to extraction directory

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2025-8869 Fallback tar extraction in pip doesn\u0027t check symbolic links point to extraction directory - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-8869.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Fallback tar extraction in pip doesn\u0027t check symbolic links point to extraction directory",
    "tracking": {
      "current_release_date": "2025-09-27T01:02:56.000Z",
      "generator": {
        "date": "2025-10-20T03:48:57.061Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2025-8869",
      "initial_release_date": "2025-09-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-09-27T01:02:56.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 python-pip 24.2-3",
                "product": {
                  "name": "\u003cazl3 python-pip 24.2-3",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 python-pip 24.2-3",
                "product": {
                  "name": "azl3 python-pip 24.2-3",
                  "product_id": "20043"
                }
              }
            ],
            "category": "product_name",
            "name": "python-pip"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 python-pip 24.2-3 as a component of Azure Linux 3.0",
          "product_id": "17084-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 python-pip 24.2-3 as a component of Azure Linux 3.0",
          "product_id": "20043-17084"
        },
        "product_reference": "20043",
        "relates_to_product_reference": "17084"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-8869",
      "notes": [
        {
          "category": "general",
          "text": "PSF",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "20043-17084"
        ],
        "known_affected": [
          "17084-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-8869 Fallback tar extraction in pip doesn\u0027t check symbolic links point to extraction directory - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-8869.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-27T01:02:56.000Z",
          "details": "24.2-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "title": "Fallback tar extraction in pip doesn\u0027t check symbolic links point to extraction directory"
    }
  ]
}

CERTFR-2025-AVI-0935

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu Gemfire	Tanzu GemFire versions antérieures à 10.2.0
VMware	Tanzu	Tanzu pour Valkey versions 7.2.x antérieures à 7.2.11
VMware	Tanzu Gemfire	Tanzu GemFire Management Console versions antérieures à 1.4.1
VMware	Tanzu	Tanzu pour Valkey versions 3.x antérieures à 3.2.0 sur Kubernetes
VMware	Tanzu	Tanzu pour Valkey versions 8.1.x antérieures à 8.1.4
VMware	Tanzu	Tanzu pour Valkey versions 8.0.x antérieures à 8.0.6

References

Title

Publication Time

ghsa-4xh5-x5gv-qwph

Vulnerability from github

Published

2025-09-24 15:31

Modified

2025-10-27 14:50

Severity ?

5.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Summary

pip's fallback tar extraction doesn't check symbolic links point to extraction directory

Details

Summary

In the fallback extraction path for source distributions, pip used Python’s tarfile module without verifying that symbolic/hard link targets resolve inside the intended extraction directory. A malicious sdist can include links that escape the target directory and overwrite arbitrary files on the invoking host during pip install.

Impact

Successful exploitation enables arbitrary file overwrite outside the build/extraction directory on the machine running pip. This can be leveraged to tamper with configuration or startup files and may lead to further code execution depending on the environment, but the direct, guaranteed impact is integrity compromise on the vulnerable system.

Conditions

The issue is triggered when installing an attacker-controlled sdist (e.g., from an index or URL) and the fallback extraction code path is used. No special privileges are required beyond running pip install; active user action is necessary.

Remediation

The fix is available starting in pip 25.3. Using a Python interpreter that implements the safe-extraction behavior described by PEP 706 provides additional defense in depth for other tarfile issues but is not a substitute for upgrading pip for this specific flaw.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 25.2"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "pip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "25.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-8869"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-09-24T20:04:58Z",
    "nvd_published_at": "2025-09-24T15:15:41Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\n\nIn the fallback extraction path for source distributions, `pip` used Python\u2019s `tarfile` module without verifying that symbolic/hard link targets resolve inside the intended extraction directory. A malicious sdist can include links that escape the target directory and overwrite arbitrary files on the invoking host during `pip install`.\n\n### Impact\n\nSuccessful exploitation enables arbitrary file overwrite outside the build/extraction directory on the machine running `pip`. This can be leveraged to tamper with configuration or startup files and may lead to further code execution depending on the environment, but the direct, guaranteed impact is integrity compromise on the vulnerable system.\n\n### Conditions\n\nThe issue is triggered when installing an attacker-controlled sdist (e.g., from an index or URL) and the fallback extraction code path is used. No special privileges are required beyond running `pip install`; active user action is necessary.\n\n### Remediation\n\nThe [fix](https://github.com/pypa/pip/pull/13550) is available starting in pip `25.3`. Using a Python interpreter that implements the safe-extraction behavior described by **PEP 706** provides additional defense in depth for other `tarfile` issues but is not a substitute for upgrading pip for this specific flaw.",
  "id": "GHSA-4xh5-x5gv-qwph",
  "modified": "2025-10-27T14:50:36Z",
  "published": "2025-09-24T15:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8869"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/pip/pull/13550"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/pip/commit/f2b92314da012b9fffa36b3f3e67748a37ef464a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/pypa/pip"
    },
    {
      "type": "WEB",
      "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN"
    },
    {
      "type": "WEB",
      "url": "https://pip.pypa.io/en/stable/news/#v25-2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "pip\u0027s fallback tar extraction doesn\u0027t check symbolic links point to extraction directory"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-8869 (GCVE-0-2025-8869)

Vulnerability from cvelistv5

fkie_cve-2025-8869

Vulnerability from fkie_nvd

msrc_cve-2025-8869

Vulnerability from csaf_microsoft

CERTFR-2025-AVI-0935

Vulnerability from certfr_avis

Solutions

ghsa-4xh5-x5gv-qwph

Vulnerability from github

Summary

Impact

Conditions

Remediation

Tags

Sightings

Nomenclature