Browse all 3 CVE security advisories affecting Python Packaging Authority. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-3219 | pip doesn't reject concatenated ZIP and tar archives — pip | 7.7AI | HighAI | 2026-04-20 |
| CVE-2026-1703 | Limited path traversal when installing wheel archives — pipCWE-22 | 7.7AI | HighAI | 2026-02-02 |
| CVE-2025-8869 | Fallback tar extraction in pip doesn't check symbolic links point to extraction directory — pip | 6.1AI | MediumAI | 2025-09-24 |
This page lists every published CVE security advisory associated with Python Packaging Authority. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.