| Package | Installed | Affected | Info |
|---|---|---|---|
| pip | 24.0 | <25.2 | Affected versions of the pip package are vulnerable to Arbitrary File Overwrite due to improper validation of symbolic link targets in the fallback tar extraction code. In src/pip/_internal/utils/unpacking.py, the _untar_without_filter routine, used when the Python tarfile module lacks PEP 706 support (no tarfile.data_filter), extracted symlink members with tar._extract_member without verifying that link destinations resolve under the extraction root; that check was later added via the is_symlink_target_in_tar helper. |
| pip | 24.0 | <26.0 | Affected versions of the pip package are vulnerable to Path Traversal due to an incorrect directory containment check when extracting wheel archives. In src/pip/_internal/utils/unpacking.py, the is_within_directory() helper used os.path.commonprefix() (a character-by-character comparison) to compare the directory and target paths, so a crafted path whose prefix merely matches the parent directory as a substring could be treated as safely inside the installation directory. |
| pip | 24.0 | <25.0 | pip fixes a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation. |
| poetry | 1.8.3 | >=1.4.0,<=2.3.2 | Affected versions of the poetry package are vulnerable to Path Traversal due to insufficient validation of file paths extracted from wheel archives during package installation. The WheelDestination class in wheel_installer.py directly joins untrusted entry paths from the wheel contents without resolving them or verifying that the resulting destination remains within the target directory. An attacker can craft a malicious wheel containing entries with directory traversal sequences to write arbitrary files outside the intended installation directory with the privileges of the Poetry process. |
| poetry | 1.8.3 | <1.8.4 | Poetry requires virtualenv version 20.26.6 or higher to protect against potential command injection when running poetry shell in untrusted projects. |