Vulnerabilidades en Python Packaging Authority
4 resultadosCVE-2025-8869MEDIUMFallback tar extraction in pip doesn't check symbolic links point to extraction directoryEPSS 0.4%CVE-2026-1703LOWLimited path traversal when installing wheel archivesEPSS 0.4%CVE-2026-3219MEDIUMpip doesn't reject concatenated ZIP and tar archivesEPSS 0.1%CVE-2026-8643MEDIUMpip can extract console_scripts and gui_scripts outside installation directoryEPSS 0.1%