Security News > 2021 > August > Potential RCE Flaw Patched in PyPI’s GitHub Repository
A vulnerability in the GitHub Actions workflow for PyPI's source repository could be exploited to perform a malicious pull request and eventually execute arbitrary code on pypi.org, according to a warning from a Japanese security researcher.
The workflow did not verify the pull request author, anyone could create a pull request with a specific name and have the workflow to process it.
What the researcher discovered was that the code responsible for printing branch lists of pull requests contained a vulnerability that could be exploited to execute commands and "Leak GitHub Access Token with write permission against the pypa/warehouse repository."
As the PyPI security team points out, an attack would be difficult to identify, because the attacker can use a pull request that is not malicious.
Thus, even if a PyPI administrator inspects the attacker's pull request, they would approve it, as it would not attempt to exploit any vulnerability.
The PyPI security team patched the security hole last week, the same day that RyotaK reported it.