GHSA-pqhf-p39g-3x64
ZIP archive parsing differential vulnerability in uv (PyPI)


What is GHSA-pqhf-p39g-3x64 About?

This vulnerability in `uv` versions 0.9.5 and earlier involves two ZIP archive parsing differentials, which make `uv` extract some archives differently from other Python packaging tools. An attacker can craft a ZIP that expands differently depending on the installer, so the installed package contents can be manipulated even though the archive's digest is identical across tools. User interaction is required, but the issue is an integrity risk.

Affected Software

uv <0.9.6

Technical Details

The vulnerability manifests as two distinct ZIP archive parsing differentials in `uv`. Firstly, `uv` incorrectly handles central directory comment fields: it interprets their contents as ZIP control structures instead of skipping them, which can lead to a misinterpretation of the archive's structure. Secondly, `uv`'s handling of filenames containing ASCII null bytes differs from Python's `zipfile` module: `uv` skips such members, while `zipfile` truncates the filename at the first null byte. These differentials allow an attacker to create a ZIP (e.g., a source distribution) with a single cryptographic digest that nevertheless extracts differently across Python package installers. This malleability means the contents installed by `uv` can differ from what other tools would install and from what the packager intended.
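As an added example (not code from the advisory, from `uv`, or from the `zipfile` module), the following Python script gives a defender a pre-install check for the two hazards described above and shows the reference behaviour the advisory compares against. It builds a small constructed sample archive by hand (so that a member name can carry a NUL byte, which `zipfile.ZipInfo` would never write), runs a scanner over the central directory that flags NUL-containing member names and archive comments containing ZIP control signatures, and reports what Python's `zipfile` module sees (the NUL-containing name truncated). The builder, the scanner, the member names and the comment text are assumptions for this example; nothing here emulates `uv`'s own parser.

```python
import io
import struct
import zipfile
import zlib

# Signatures of the three ZIP structures this example touches.
LOCAL_HEADER_SIG = b"PK\x03\x04"
CENTRAL_HEADER_SIG = b"PK\x01\x02"
EOCD_SIG = b"PK\x05\x06"


def build_stored_zip(members, archive_comment=b""):
    """Build a minimal 'stored' (uncompressed) ZIP from (raw_name, data) pairs.

    Hand-written so member names are emitted byte-for-byte; zipfile.ZipInfo
    would silently cut a name at its first NUL before writing it.
    """
    body = bytearray()
    central = bytearray()
    for raw_name, data in members:
        offset = len(body)
        crc = zlib.crc32(data) & 0xFFFFFFFF
        # Local file header: version, flags, method, time, date (1980-01-01),
        # crc, compressed size, uncompressed size, name length, extra length.
        body += LOCAL_HEADER_SIG + struct.pack(
            "<HHHHHIIIHH", 20, 0, 0, 0, 0x21, crc, len(data), len(data), len(raw_name), 0)
        body += raw_name + data
        # Matching central directory header (adds version-made-by, comment
        # length, disk number, attributes and the local header offset).
        central += CENTRAL_HEADER_SIG + struct.pack(
            "<HHHHHHIIIHHHHHII", 20, 20, 0, 0, 0, 0x21, crc, len(data), len(data),
            len(raw_name), 0, 0, 0, 0, 0, offset)
        central += raw_name
    cd_offset = len(body)
    body += central
    # End of central directory record, followed by the free-form archive comment.
    body += EOCD_SIG + struct.pack(
        "<HHHHIIH", 0, 0, len(members), len(members), len(central), cd_offset,
        len(archive_comment))
    body += archive_comment
    return bytes(body)


def scan_zip(data):
    """Walk the central directory and report the two hazards the advisory describes."""
    findings = []
    eocd = data.rfind(EOCD_SIG)  # same strategy as zipfile: the last EOCD signature wins
    if eocd < 0:
        return ["no end-of-central-directory record"]
    entries, cd_size, cd_offset, comment_len = struct.unpack("<HIIH", data[eocd + 10:eocd + 22])
    comment = data[eocd + 22:eocd + 22 + comment_len]
    if eocd + 22 + comment_len != len(data):
        findings.append("archive comment length does not match the trailing bytes")
    # Hazard 1: the comment is free-form data and must be skipped, never parsed;
    # flag anything that looks like a ZIP control structure so the archive is reviewed.
    for sig in (LOCAL_HEADER_SIG, CENTRAL_HEADER_SIG, EOCD_SIG):
        if sig in comment:
            findings.append(f"archive comment contains ZIP control signature {sig!r}")
            break
    pos = cd_offset
    for _ in range(entries):
        if data[pos:pos + 4] != CENTRAL_HEADER_SIG:
            findings.append(f"central directory entry at offset {pos} has no signature")
            break
        name_len, extra_len, member_comment_len = struct.unpack("<HHH", data[pos + 28:pos + 34])
        raw_name = data[pos + 46:pos + 46 + name_len]
        # Hazard 2: installers disagree on NUL-containing names (skip vs. truncate).
        if b"\x00" in raw_name:
            findings.append(f"member name {raw_name!r} contains a NUL byte")
        pos += 46 + name_len + extra_len + member_comment_len
    if pos != cd_offset + cd_size:
        findings.append("central directory size disagrees with its entries")
    return findings


def zipfile_view(data):
    """Member contents and comment as Python's zipfile module (the reference) sees them."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        contents = {name: zf.read(name) for name in zf.namelist()}
        return contents, zf.comment


def demo():
    """Constructed sample: one clean member, one NUL-named member, a control-like comment."""
    sample = build_stored_zip(
        [(b"pkg/__init__.py", b"VERSION = 1\n"),
         (b"pkg/extra.py\x00.txt", b"# constructed sample member\n")],
        archive_comment=b"built by example tool " + CENTRAL_HEADER_SIG)
    contents, comment = zipfile_view(sample)
    return scan_zip(sample), contents, comment


if __name__ == "__main__":
    findings, contents, comment = demo()
    print("zipfile sees members:", list(contents))
    print("zipfile sees comment:", comment)
    for finding in findings:
        print("flagged:", finding)
```

Running the script prints the two findings for the constructed sample while `zipfile` reports the member as `pkg/extra.py`, which is exactly the divergence the advisory describes; an archive that produces no findings is one where the installers discussed here agree on its layout. The scanner is deliberately strict and refuses nothing itself: the decision to reject a flagged source distribution belongs to the pipeline that feeds the installer.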

What is the Impact of GHSA-pqhf-p39g-3x64?

Successful exploitation may allow an attacker to produce ZIP archives that extract differently depending on which Python package installer is used, potentially leading to unexpected file installations, integrity bypasses, or subtle behavioral changes in the installed software.

What is the Exploitability of GHSA-pqhf-p39g-3x64?

Exploitation requires user interaction, specifically running `uv pip install $package` with an attacker-controlled package. No authentication or special privileges are needed on the victim's side. The attack vector is remote if the malicious package is hosted. The complexity lies in crafting a ZIP that exploits the parsing differentials in a meaningful way. In the common case this does not directly lead to arbitrary code execution (unless the package is a source distribution), but it can lead to integrity issues. For wheel distributions, a separate invocation (e.g., `python -c "import $package"`) would be needed after installation for malicious code to execute. The main risk factor is users installing packages from untrusted sources.

What are the Known Public Exploits?

| PoC | Author | Link | Commentary |
|-----|--------|------|------------|
| No known exploits | | | |

What are the Available Fixes for GHSA-pqhf-p39g-3x64?

Available Upgrade Options

  • uv
    • <0.9.6 → Upgrade to 0.9.6


Additional Resources

What are Similar Vulnerabilities to GHSA-pqhf-p39g-3x64?

Similar Vulnerabilities: GHSA-8qf3-x8v5-2pj8, CVE-2023-37905, CVE-2022-3869, CVE-2021-3829, CVE-2024-22268