PyPI Python Package Repository Patches Critical Supply Chain Flaw

The maintainers of Python Package Index (PyPI) last week issued fixes for three vulnerabilities, one among which could be abused to achieve arbitrary code execution and take full control of the official third-party software repository.

The security weaknesses were discovered and reported by Japanese security researcher RyotaK, who in the past has disclosed critical vulnerabilities in the Homebrew Cask repository and Cloudflare's CDNJS library. He was awarded a total of $3,000 as part of the bug bounty program.

The list of three vulnerabilities is as follows -

• Vulnerability in Legacy Document Deletion on PyPI - An exploitable vulnerability in the mechanisms for deleting legacy documentation hosting deployment tooling on PyPI, which would allow an attacker to remove documentation for projects not under their control.
• Vulnerability in Role Deletion on PyPI - An exploitable vulnerability in the mechanisms for deleting roles on PyPI was discovered by a security researcher, which would allow an attacker to remove roles for projects not under their control.
• Vulnerability in GitHub Actions workflow for PyPI - An exploitable vulnerability in a GitHub Actions workflow for PyPI's source repository could allow an attacker to obtain write permissions against the pypa/warehouse repository.

Successful exploitation of the flaws could result in the arbitrary deletion of project documentation files, which has to do with how the API endpoint for removing legacy documentation handles project names passed as input, and enable any user to delete any role given a valid role ID due to a missing check that requires the current project to match the project the role is associated with.

A more critical flaw concerns an issue in the GitHub Actions workflow for PyPI's source repository named "combine-prs.yml," resulting in a scenario wherein an adversary could obtain write permission for the main branch of the "pypa/warehouse" repository, and in the process execute malicious code on pypi.org.

"The vulnerabilities described in this article had a significant impact on the Python ecosystem," RyotaK noted. "As I've mentioned several times before, some supply chains have critical vulnerabilities. However, a limited number of people are researching supply chain attacks, and most supply chains are not properly protected. Therefore, I believe that it's necessary for users who depend on the supply chain to actively contribute to improving security in the supply chain."