Description
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations.
Published: 2026-02-02
Score: 2 Low
EPSS: < 1% Very Low
KEV: No
Impact: Path Traversal
Action: Patch
AI Analysis

Impact

When pip extracts a malicious wheel archive, it can write files outside the intended installation directory because the extraction logic does not fully resolve or limit file paths. The flaw is limited to paths that are prefixes of the installation directory, so it cannot directly overwrite system executables in typical use, but it can nevertheless place arbitrary files next to installed packages in areas that may be readable or writable by local users.

Affected Systems

The vulnerability affects pip, the Python Packaging Authority's package installer, across all supported versions that have the extraction logic in place. No specific version information is listed, so any pip installation that receives the affected wheel code is potentially susceptible.

Risk and Exploitability

The CVSS score is low at 2.0 and the EPSS indicates a very small likelihood of exploitation. The flaw requires an attacker to supply a malicious wheel and the victim to run pip, making it a local, pre‑authentication vulnerability. Because the path traversal is bounded to prefixes of the installation directory, the risk of overwriting executable files is limited, but there is still a chance to create or modify files that could impact the local environment. The vulnerability is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on April 18, 2026 at 00:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade pip to the latest available version to obtain the fix that removes the path traversal condition.
  • If an immediate upgrade is not possible, restrict the pip installation to wheels from trusted and verified sources, checking archives with known hashes or signatures before unpacking.
  • Run pip in an isolated or virtual environment to contain any unintended file writes within a controlled directory.

Generated by OpenCVE AI on April 18, 2026 at 00:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-6vgw-5pg2-w6jp pip Path Traversal vulnerability
History

Wed, 04 Feb 2026 12:45:00 +0000

Type Values Removed Values Added
First Time appeared Python
Python pip
Vendors & Products Python
Python pip

Tue, 03 Feb 2026 13:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 3.9, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N'}

threat_severity

Low

Mon, 02 Feb 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 02 Feb 2026 15:15:00 +0000

Type Values Removed Values Added
Description When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations.
Title Limited path traversal when installing wheel archives
Weaknesses CWE-22
References
Metrics cvssV4_0

{'score': 2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Python Pip
cve-icon MITRE

Status: PUBLISHED

Assigner: PSF

Published:

Updated: 2026-02-02T17:21:25.369Z

Reserved: 2026-01-30T15:17:22.133Z

Link: CVE-2026-1703

cve-icon Vulnrichment

Updated: 2026-02-02T17:21:20.363Z

cve-icon NVD

Status : Deferred

Published: 2026-02-02T15:16:30.510

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-1703

cve-icon Redhat

Severity : Low

Publid Date: 2026-02-02T14:43:02Z

Links: CVE-2026-1703 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T00:45:32Z

Weaknesses