Affected versions of the pip package are vulnerable to Path Traversal due to an incorrect directory containment check when extracting wheel archives. In src/pip/_internal/utils/unpacking.py, the is_within_directory() helper used os.path.commonprefix() (character-by-character) to compare directory and target paths, allowing crafted paths like a parent-directory substring match to be treated as safely inside the installation directory.

Affected versions of the pip package are vulnerable to Arbitrary File Overwrite due to improper validation of symbolic link targets in the fallback tar extraction code. In src/pip/_internal/utils/unpacking.py, the _untar_without_filter routine used when the Python tarfile module lacks PEP 706 (no tarfile.data_filter) extracted symlink members with tar._extract_member without verifying that link destinations resolve under the extraction root, a check later added via the is_symlink_target_in_tar helper.

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Affected versions of the poetry package are vulnerable to Arbitrary File Write via Path Traversal due to tar archives being extracted without path validation on Python runtimes, where tarfile.data_filter is unavailable or broken. The extractall() helper in src/poetry/utils/helpers.py, lines 410-426, falls back to using tarfile.extractall() without any filter on Python 3.10.0-3.10.12 and 3.11.0-3.11.4, so sdist tar members containing dot-dot-slash sequences, symlinks, or hardlinks can escape the intended extraction directory during dependency resolution and installation. An attacker who publishes or supplies a crafted sdist processed by poetry add or poetry lock on an affected interpreter can write files to arbitrary locations on the host filesystem through direct traversal, symlink redirection, or hardlink overwrites.

Affected versions of the poetry package are vulnerable to Path Traversal due to insufficient validation of file paths extracted from wheel archives during package installation. The WheelDestination class in wheel_installer.py directly joins untrusted entry paths from wheel contents without resolving or verifying that the resulting destination remains within the target directory. An attacker can craft a malicious wheel containing entries with directory traversal sequences to write arbitrary files outside the intended installation directory with the privileges of the Poetry process.

Poetry requires virtualenv version 20.26.6 or higher to protect against potential command injection attacks when running poetry shell in untrusted projects.

Affected versions of the pip package are vulnerable to Path Traversal due to an incorrect directory containment check when extracting wheel archives. In src/pip/_internal/utils/unpacking.py, the is_within_directory() helper used os.path.commonprefix() (character-by-character) to compare directory and target paths, allowing crafted paths like a parent-directory substring match to be treated as safely inside the installation directory.

Affected versions of the pip package are vulnerable to Arbitrary File Overwrite due to improper validation of symbolic link targets in the fallback tar extraction code. In src/pip/_internal/utils/unpacking.py, the _untar_without_filter routine used when the Python tarfile module lacks PEP 706 (no tarfile.data_filter) extracted symlink members with tar._extract_member without verifying that link destinations resolve under the extraction root, a check later added via the is_symlink_target_in_tar helper.

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Affected versions of the poetry package are vulnerable to Arbitrary File Write via Path Traversal due to tar archives being extracted without path validation on Python runtimes, where tarfile.data_filter is unavailable or broken. The extractall() helper in src/poetry/utils/helpers.py, lines 410-426, falls back to using tarfile.extractall() without any filter on Python 3.10.0-3.10.12 and 3.11.0-3.11.4, so sdist tar members containing dot-dot-slash sequences, symlinks, or hardlinks can escape the intended extraction directory during dependency resolution and installation. An attacker who publishes or supplies a crafted sdist processed by poetry add or poetry lock on an affected interpreter can write files to arbitrary locations on the host filesystem through direct traversal, symlink redirection, or hardlink overwrites.

Affected versions of the poetry package are vulnerable to Path Traversal due to insufficient validation of file paths extracted from wheel archives during package installation. The WheelDestination class in wheel_installer.py directly joins untrusted entry paths from wheel contents without resolving or verifying that the resulting destination remains within the target directory. An attacker can craft a malicious wheel containing entries with directory traversal sequences to write arbitrary files outside the intended installation directory with the privileges of the Poetry process.

Poetry requires virtualenv version 20.26.6 or higher to protect against potential command injection attacks when running poetry shell in untrusted projects.

Affected versions of the pip package are vulnerable to Path Traversal due to an incorrect directory containment check when extracting wheel archives. In src/pip/_internal/utils/unpacking.py, the is_within_directory() helper used os.path.commonprefix() (character-by-character) to compare directory and target paths, allowing crafted paths like a parent-directory substring match to be treated as safely inside the installation directory.

Affected versions of the pip package are vulnerable to Arbitrary File Overwrite due to improper validation of symbolic link targets in the fallback tar extraction code. In src/pip/_internal/utils/unpacking.py, the _untar_without_filter routine used when the Python tarfile module lacks PEP 706 (no tarfile.data_filter) extracted symlink members with tar._extract_member without verifying that link destinations resolve under the extraction root, a check later added via the is_symlink_target_in_tar helper.

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Affected versions of the pip package are vulnerable to Path Traversal due to an incorrect directory containment check when extracting wheel archives. In src/pip/_internal/utils/unpacking.py, the is_within_directory() helper used os.path.commonprefix() (character-by-character) to compare directory and target paths, allowing crafted paths like a parent-directory substring match to be treated as safely inside the installation directory.

Affected versions of the pip package are vulnerable to Arbitrary File Overwrite due to improper validation of symbolic link targets in the fallback tar extraction code. In src/pip/_internal/utils/unpacking.py, the _untar_without_filter routine used when the Python tarfile module lacks PEP 706 (no tarfile.data_filter) extracted symlink members with tar._extract_member without verifying that link destinations resolve under the extraction root, a check later added via the is_symlink_target_in_tar helper.

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Affected versions of the poetry package are vulnerable to Arbitrary File Write via Path Traversal due to tar archives being extracted without path validation on Python runtimes, where tarfile.data_filter is unavailable or broken. The extractall() helper in src/poetry/utils/helpers.py, lines 410-426, falls back to using tarfile.extractall() without any filter on Python 3.10.0-3.10.12 and 3.11.0-3.11.4, so sdist tar members containing dot-dot-slash sequences, symlinks, or hardlinks can escape the intended extraction directory during dependency resolution and installation. An attacker who publishes or supplies a crafted sdist processed by poetry add or poetry lock on an affected interpreter can write files to arbitrary locations on the host filesystem through direct traversal, symlink redirection, or hardlink overwrites.

Affected versions of the poetry package are vulnerable to Path Traversal due to insufficient validation of file paths extracted from wheel archives during package installation. The WheelDestination class in wheel_installer.py directly joins untrusted entry paths from wheel contents without resolving or verifying that the resulting destination remains within the target directory. An attacker can craft a malicious wheel containing entries with directory traversal sequences to write arbitrary files outside the intended installation directory with the privileges of the Poetry process.

Poetry requires virtualenv version 20.26.6 or higher to protect against potential command injection attacks when running poetry shell in untrusted projects.

Affected versions of the poetry package are vulnerable to Arbitrary File Write via Path Traversal due to tar archives being extracted without path validation on Python runtimes, where tarfile.data_filter is unavailable or broken. The extractall() helper in src/poetry/utils/helpers.py, lines 410-426, falls back to using tarfile.extractall() without any filter on Python 3.10.0-3.10.12 and 3.11.0-3.11.4, so sdist tar members containing dot-dot-slash sequences, symlinks, or hardlinks can escape the intended extraction directory during dependency resolution and installation. An attacker who publishes or supplies a crafted sdist processed by poetry add or poetry lock on an affected interpreter can write files to arbitrary locations on the host filesystem through direct traversal, symlink redirection, or hardlink overwrites.

Affected versions of the poetry package are vulnerable to Path Traversal due to insufficient validation of file paths extracted from wheel archives during package installation. The WheelDestination class in wheel_installer.py directly joins untrusted entry paths from wheel contents without resolving or verifying that the resulting destination remains within the target directory. An attacker can craft a malicious wheel containing entries with directory traversal sequences to write arbitrary files outside the intended installation directory with the privileges of the Poetry process.

Poetry requires virtualenv version 20.26.6 or higher to protect against potential command injection attacks when running poetry shell in untrusted projects.

Affected versions of the pip package are vulnerable to Path Traversal due to an incorrect directory containment check when extracting wheel archives. In src/pip/_internal/utils/unpacking.py, the is_within_directory() helper used os.path.commonprefix() (character-by-character) to compare directory and target paths, allowing crafted paths like a parent-directory substring match to be treated as safely inside the installation directory.

Affected versions of the pip package are vulnerable to Arbitrary File Overwrite due to improper validation of symbolic link targets in the fallback tar extraction code. In src/pip/_internal/utils/unpacking.py, the _untar_without_filter routine used when the Python tarfile module lacks PEP 706 (no tarfile.data_filter) extracted symlink members with tar._extract_member without verifying that link destinations resolve under the extraction root, a check later added via the is_symlink_target_in_tar helper.

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Affected versions of the pip package are vulnerable to Path Traversal due to an incorrect directory containment check when extracting wheel archives. In src/pip/_internal/utils/unpacking.py, the is_within_directory() helper used os.path.commonprefix() (character-by-character) to compare directory and target paths, allowing crafted paths like a parent-directory substring match to be treated as safely inside the installation directory.

Affected versions of the pip package are vulnerable to Arbitrary File Overwrite due to improper validation of symbolic link targets in the fallback tar extraction code. In src/pip/_internal/utils/unpacking.py, the _untar_without_filter routine used when the Python tarfile module lacks PEP 706 (no tarfile.data_filter) extracted symlink members with tar._extract_member without verifying that link destinations resolve under the extraction root, a check later added via the is_symlink_target_in_tar helper.

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Affected versions of the pip package are vulnerable to Path Traversal due to an incorrect directory containment check when extracting wheel archives. In src/pip/_internal/utils/unpacking.py, the is_within_directory() helper used os.path.commonprefix() (character-by-character) to compare directory and target paths, allowing crafted paths like a parent-directory substring match to be treated as safely inside the installation directory.

Affected versions of the pip package are vulnerable to Arbitrary File Overwrite due to improper validation of symbolic link targets in the fallback tar extraction code. In src/pip/_internal/utils/unpacking.py, the _untar_without_filter routine used when the Python tarfile module lacks PEP 706 (no tarfile.data_filter) extracted symlink members with tar._extract_member without verifying that link destinations resolve under the extraction root, a check later added via the is_symlink_target_in_tar helper.

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Affected versions of the poetry package are vulnerable to Arbitrary File Write via Path Traversal due to tar archives being extracted without path validation on Python runtimes, where tarfile.data_filter is unavailable or broken. The extractall() helper in src/poetry/utils/helpers.py, lines 410-426, falls back to using tarfile.extractall() without any filter on Python 3.10.0-3.10.12 and 3.11.0-3.11.4, so sdist tar members containing dot-dot-slash sequences, symlinks, or hardlinks can escape the intended extraction directory during dependency resolution and installation. An attacker who publishes or supplies a crafted sdist processed by poetry add or poetry lock on an affected interpreter can write files to arbitrary locations on the host filesystem through direct traversal, symlink redirection, or hardlink overwrites.

Affected versions of the poetry package are vulnerable to Path Traversal due to insufficient validation of file paths extracted from wheel archives during package installation. The WheelDestination class in wheel_installer.py directly joins untrusted entry paths from wheel contents without resolving or verifying that the resulting destination remains within the target directory. An attacker can craft a malicious wheel containing entries with directory traversal sequences to write arbitrary files outside the intended installation directory with the privileges of the Poetry process.

Poetry requires virtualenv version 20.26.6 or higher to protect against potential command injection attacks when running poetry shell in untrusted projects.

Affected versions of the poetry package are vulnerable to Arbitrary File Write via Path Traversal due to tar archives being extracted without path validation on Python runtimes, where tarfile.data_filter is unavailable or broken. The extractall() helper in src/poetry/utils/helpers.py, lines 410-426, falls back to using tarfile.extractall() without any filter on Python 3.10.0-3.10.12 and 3.11.0-3.11.4, so sdist tar members containing dot-dot-slash sequences, symlinks, or hardlinks can escape the intended extraction directory during dependency resolution and installation. An attacker who publishes or supplies a crafted sdist processed by poetry add or poetry lock on an affected interpreter can write files to arbitrary locations on the host filesystem through direct traversal, symlink redirection, or hardlink overwrites.

Affected versions of the poetry package are vulnerable to Path Traversal due to insufficient validation of file paths extracted from wheel archives during package installation. The WheelDestination class in wheel_installer.py directly joins untrusted entry paths from wheel contents without resolving or verifying that the resulting destination remains within the target directory. An attacker can craft a malicious wheel containing entries with directory traversal sequences to write arbitrary files outside the intended installation directory with the privileges of the Poetry process.

Poetry requires virtualenv version 20.26.6 or higher to protect against potential command injection attacks when running poetry shell in untrusted projects.