PT-2023-29697 · Pdm+1

Wayphinder

·

Published

2023-10-20

·

Updated

2023-10-28

·

CVE-2023-45805

CVSS v3.1

7.8

High

Vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: pdm versions prior to 2.9.4
Description: It is possible to craft a malicious pdm.lock file that allows an insider, or a malicious open source project, to appear to depend on a trusted PyPI project while actually installing a different one. A project can be targeted by registering a project with a similar name on pypi.org and uploading a file for it. When pdm resolves a lock entry, the version component of the file name only has to parse as a version, and the trusted project name only has to be a prefix of the file name; neither is verified to match the name and version recorded for the entry. As a result, what pdm installs can differ from what pyproject.toml lists, including arbitrary code execution at install time via the substituted package. The same weakness enables downgrade attacks by changing only the version in the file name.
Recommendations: For versions prior to 2.9.4, upgrade to release 2.9.4, which addresses the issue. As a temporary workaround, verify that the project name and version in each lock entry match the file name exactly before installing dependencies. Restrict write access to the pdm.lock file to minimize the risk of exploitation, and do not use pdm.lock files from untrusted sources until the upgrade is in place.

Exploit

Fix

RCE


Weakness Enumeration

Related Identifiers

CVE-2023-45805
GHSA-J44V-MMF2-XVM9
OPENSUSE-SU-2024:13352-1

Affected Products

Debian
Pdm