The security flaw that Python developers should be aware of

29 Aug 2022

Image: © kikujungboy/

Security firm Checkmarx found that one in three software packages from PyPI contains a flaw that can lead to malicious code being automatically installed.

Many software packages from the Python Package Index (PyPi) are vulnerable to a feature that could allow an attacker to automatically execute malicious code before installation – while developers are merely downloading a package.

That’s according to researchers at cybersecurity firm Checkmarx, who said that automatic code execution is triggered upon downloading close to a third of the packages on the software repository.

“This feature is alarming due to the fact that a great deal of the malicious packages we are finding in the wild use this feature of code execution upon installation to achieve higher infection rates,” Checkmarx said in a post published Friday (26 August).

Checkmarx, which recently also found a flaw in Amazon’s Ring camera system, is now warning Python developers that package downloading could lead to an increased risk of a supply chain attack.

What is the problem?

When a Python package is installed by a developer, PIP – Python’s package manager – tries to collect and process the metadata of the package, such as its version and the dependencies it needs to work properly.

This process occurs automatically in the background by PIP running the main script that comes as part of the package structure. The purpose of this is to provide a data structure for the package manager to understand how to handle the package.

However, according to Checkmarx, the file can contain any code the developer of the package would like, meaning that an attacker who understands this process can plant malicious code that will then execute automatically during the download.

“In fact, much of the malicious packages we are detecting contain malicious code in the ‘’ file,” Checkmarx added.

What is troubling about this flaw is the fact that it can affect developers even if they choose not to install the file, but just download it to view its code or perform a security check.

Checkmarx researchers found that simply downloading the package will run the ‘’ file and any potentially malicious code within it, which they described as “not a bug but rather a feature in the PIP design”.

This is not the first time people have raised concerns about this. Checkmarx pointed out that the issue was previously highlighted in 2014 but was never addressed.

How to work around this

Checkmarx said that there are workarounds that can help developers prevent automatic execution of code. One action is checking the package file contents before download for a .whl file.

PyPi has introduced a new wheel (.whl) file type that removes the need to run the However, it still allows contributors to choose their preferred format for compatibility – with some choosing the more vulnerable tar.gz format, which includes the file.

“If there is a .whl file, the user can feel confident they will receive the .whl file, and no code will be executed on their machine. If there is only a tar.gz present, a user can use a safe method of download such as working directly with PyPi’s ‘simple’ API,” Checkmarx said.

Tzachi Zorenshtain, head of supply chain security at Checkmarx, told SC Media that when developers install a software package from repositories like PyPi, most are conscious of the risk of installing malicious code associated with it – and the vulnerability can’t be fixed easily.

“If we magically changed all the formats and everything is resubmitted and filed to the new format, then it would be easy to remove this behaviour. We understand that this behaviour will probably be with us for a while, so at least [building] awareness is what was important to us.”

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Vish Gain is a journalist with Silicon Republic