# Vulnerability Summary

## Overview

pip has a ZIP parser confusion attack vulnerability (CVE-2026-3219). This vulnerability stems from flawed logic in pip's file type determination when extracting archive files, which may cause maliciously crafted zip files to be misidentified or mishandled, leading to security risks.

## Impact Scope

- Affected component: pip's archive file extraction logic
- Affected versions: 26.1 and earlier
- Attack scenario: When users upload or install packages containing maliciously crafted zip files, parsing errors may be triggered

## Remediation

1. **Refactor extraction logic**:
   - No longer rely on a single signature check; instead, sequentially check content type, filename, and magic signature
   - Prioritize using content type for judgment; if matched, extract directly
   - If content type does not match, check the filename extension
   - Use magic signature as the last resort (only when other methods fail)
   - If a file matches both zip and tar characteristics, log an error
2. **Increase test coverage**:
   - Add unit tests to verify the new logic
   - Ensure proper handling of ambiguous file types
3. **Security advisory**:
   - The vulnerability was independently reported by Google and a security advisory has been issued
   - Related discussion: https://www.cve.org/CVERecord?id=CVE-2026-3219

## Related Code Changes

Key code modifications submitted in PR #13870 include:

- `Refactor unpacking logic for archive files`
- `Fix variable names`
- `Add news`
- `Actually do the unpacking`
- `Fix lint & log`

For complete code changes, refer to the GitHub PR: https://github.com/pypa/pip/pull/13870

## Additional Notes

- Warehouse (PyPI backend) has rejected polyglot files: https://github.com/pypa/warehouse#19638
- This vulnerability is related to the issue where tar.gz files were misidentified as zip files during wheel building (#13867)
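The resolution order described under Remediation (content type first, then filename extension, then magic signature, with a zip/tar polyglot rejected at the signature step) as an added illustration; this is not pip's code or the PR's implementation, and the function names, content-type sets and sample byte strings are constructed for this example.

```python
"""Archive-kind resolution in the order the summary describes.
Illustrative code, not pip's; names and sample data are constructed."""
import logging
from typing import Optional

log = logging.getLogger(__name__)

# Assumed content-type and extension tables for the example.
ZIP_CONTENT_TYPES = {"application/zip", "application/x-zip-compressed"}
TAR_CONTENT_TYPES = {"application/x-tar", "application/gzip", "application/x-gzip"}
ZIP_EXTENSIONS = (".zip", ".whl")
TAR_EXTENSIONS = (".tar", ".tar.gz", ".tgz", ".tar.bz2", ".tar.xz")


def looks_like_zip(data: bytes) -> bool:
    # ZIP local file header signature at offset 0.
    return data[:4] == b"PK\x03\x04"


def looks_like_tar(data: bytes) -> bool:
    # POSIX ustar magic at offset 257 of the first header block.
    return data[257:262] == b"ustar"


def resolve_archive_kind(data: bytes, filename: str, content_type: Optional[str]) -> Optional[str]:
    """Return 'zip', 'tar', or None when the kind is unknown or ambiguous."""
    # Step 1: a recognised content type decides on its own.
    if content_type in ZIP_CONTENT_TYPES:
        return "zip"
    if content_type in TAR_CONTENT_TYPES:
        return "tar"
    # Step 2: fall back to the filename extension.
    lower = filename.lower()
    if lower.endswith(ZIP_EXTENSIONS):
        return "zip"
    if lower.endswith(TAR_EXTENSIONS):
        return "tar"
    # Step 3: magic signature only as a last resort; a file carrying both
    # zip and tar signatures is logged as an error and not classified.
    is_zip, is_tar = looks_like_zip(data), looks_like_tar(data)
    if is_zip and is_tar:
        log.error("%s matches both zip and tar signatures; refusing to unpack", filename)
        return None
    return "zip" if is_zip else "tar" if is_tar else None


# Constructed sample inputs: minimal byte strings carrying only the magic values.
ZIP_SAMPLE = b"PK\x03\x04" + b"\x00" * 300
TAR_SAMPLE = b"\x00" * 257 + b"ustar\x00" + b"\x00" * 249
POLYGLOT_SAMPLE = b"PK\x03\x04" + b"\x00" * 253 + b"ustar\x00" + b"\x00" * 249
```

With a declared content type the signature is never consulted, so the first assertion below classifies a `.tar.gz` filename as zip purely on the server-supplied type; the polyglot sample only reaches the signature step because neither its type nor its extension is recognised.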