CVE-2023-45805: 
Python vulnerability analysis and mitigation

PDM, a Python package and dependency manager supporting the latest PEP standards, was found to be vulnerable to a malicious pdm.lock file manipulation (CVE-2023-45805). The vulnerability was discovered in October 2023 and affected versions up to 2.9.4. The issue allowed an insider or a malicious open source project to appear to depend on a trusted PyPI project while actually installing a different project (GitHub Advisory).

The vulnerability stems from improper validation of project names and versions in the package manager. An attacker could create a project named 'foo-2' and upload a file 'foo-2-2.tar.gz' to PyPI, which would be interpreted differently by PyPI (as project 'foo-2' version '2') and PDM (as project 'foo' version '2-2'). The version only needed to be parseable as a version, and the filename only needed to be a prefix of the project name, without verification against the installed version. Additionally, version '2-2' did not comply with PEP 440's normalized version format (GitHub Advisory).

When installing dependencies with PDM, the actual installed package could differ from what was listed in pyproject.toml, potentially leading to arbitrary code execution during installation. The vulnerability could also be exploited for downgrade attacks by manipulating version numbers (GitHub Advisory).

The vulnerability has been addressed in commit 6853e2642df which was included in release version 2.9.4. Users are advised to upgrade to this version or later. There are no known workarounds for this vulnerability (NVD).