Supply Chain Flaws Found in Python Package Repository

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Administrators overseeing the Python Package Index (PyPI) in recent days found themselves responding to vulnerabilities found in the repository of open source software, the latest security problems to hit the Python community.

Most recently, the PyPI group sent out fixes for three vulnerabilities that were discovered by security researcher RyotaK and published on his blog. Two of the vulnerabilities could be used by bad actors to delete documentation or roles within the software package. The third flaw was found in a GitHub Actions workflow within the PyPI repository that, if exploited, could allow a hacker to write permission against the repository and launch malicious code on

The vulnerabilities also are another example of the supply chain attacks that have come to the forefront in the software industry in the wake of such incidents as the massive SolarWinds attack late last year, where bad actors were able to inject malicious code into software updates of the company’s Orion network monitoring platform, leaving vulnerable as many as 18,000 SolarWinds customers that used the software.

“The vulnerabilities described in this article had a significant impact on the Python ecosystem,” RyotaK wrote in the blog post. “As I’ve mentioned several times before, some supply chains have critical vulnerabilities. However, a limited number of people are researching supply chain attacks, and most supply chains are not properly protected. Therefore, I believe that it’s necessary for user who depend on the supply chain to actively contribute to improving security in the supply chain.”

Most Critical Flaw

The most critical of the three vulnerabilities centered around a GitHub Actions workflow for a PyPI source repository dubbed “combine-prs.yml.” Through this flaw, a cybercriminal could get write permissions to the pypa/warehouse repository and run malicious code on The PyPI maintainers have issued a fix for the vulnerability.

One of the other flaws focused on a vulnerability that would enable bad actors to delete legacy documents for hosting deployment tools in PyPI. They then could eliminate documentation for projects that they don’t control. The administrators also issued a fix for this flaw. Similarly, RyotaK also found a vulnerability that would enable an attack to remove roles for PyPI projects. A fix for that flaw can be found here.

The latter two were not as serious an issue as the GitHub Actions flaw, the security researcher said, adding that “these vulnerabilities don’t have many impacts and can only be used for harassment at best.”

Shawn Smith, director of infrastructure at application security vendor nVisium, agreed, saying that of the three, “only one of them is extremely dangerous.”

“Using GitHub Actions to leak a token with write permissions to pypa/warehouse is serious and could have been used to introduce arbitrary code changes that contained more nefarious things,” Smith told eSecurity Planet. “The other two vulnerabilities are certainly not to be overlooked, but in the grand scheme of things, they aren’t critically concerning.”

He said the fact that one of the flaws could be used to delete what’s described as legacy documentation likely wouldn’t cripple a business. While the other could be used to remove roles on PyPi projects, “these roles are non-enumerable UUIDs [universally unique identifiers] that the attacker won’t know, so it’s fairly unlikely that a targeted attack could have been performed before the patch.”

Python Security Under Scrutiny

Developers using the Python programming languages should expect more scrutiny from security researchers and bad actors alike, Smith said.

“The more popular a particular programming language is, the more an attacker stands to gain by exploiting it,” he said. “Python is one of the most popular scripting languages in the world, so, combine this with the fact that it has a very extensive repository of different packages that you can install, and it becomes a very alluring target to exploit.”

The administrators of the PyPI repository have had to address a range of security issues in recent months. In June, researchers with Sonatype, a supply chain security provider, found six malicious typosquatting packages in the repository that included crypto-mining malware. The packages – some of which were placed into the repository as early as April, Sonatype researchers wrote in a blog post – used variations in the names of Python packages. Typosquatting campaigns look to take advantage of users accidently typing in the wrong name.

More recently, a group of researchers from Finland used static analysis to examine PyPI packages and found that about 46 percent of the 197,000 packages reviewed had at least one security issue. More than 749,000 security concerns were found in those packages, the researchers said in their report. The most prevalent types of security issue for the PyPI repository was exception handling – responding to unusual conditions that require special processing – and code injections, in which malicious code is injected into software that is executed by the application, they said.

“Different security issues are a common problem for open source packages archived to and delivered through software ecosystems,” they wrote. “These often manifest themselves as software weaknesses that may lead to concrete software vulnerabilities.”

Also read: Holes in Linux Kernel Could Pose Problems for Red Hat, Ubuntu, Other Distros

Use Version-locked Dependencies

Vulnerabilities like those found in the PyPI repository also can be leveraged in attacks that target third-party software as a way into large numbers of companies that use the software, Dirk Schrader, global vice president of security research at New Net Technologies, told eSecurity Planet.

The flaws highlight that supply chain attacks are becoming more and more mainstream,” he said. “This time, the flaws were reported by a white-hat hacker, luckily.”

Both Schrader and Smith said enterprises need to become more savvy about the software repositories they tap into and to monitor closely the packages they use, either by doing the monitoring themselves or having a service provider do it for them.

“Supply chain attacks are becoming increasingly common, so organizations should start including an audit of their software dependencies in their own individual software audits,” Smith said. “While those dependencies may not be something an organization directly maintains, the security issues that may be present in them do directly affect one’s own security posture.”

In addition, he said, “developers should be using version-locked dependencies to prevent accidental auto-updating to a potentially compromised dependency. At the same time, security teams should be “actively monitoring the dependencies in use for issues and alert the development teams, as necessary.”

Get the Free Cybersecurity Newsletter

Strengthen your organization’s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

Jeff Burt Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis