Notatallshaw

**Name of the Vulnerable Software and Affected Versions** pip (affected versions not specified) **Description** A crafted wheel archive during installation and extraction by pip may allow files to be extracted outside the intended installation directory. This path traversal is limited to prefixes of the installation directory, restricting the ability to overwrite executable files in common scenarios. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.