CVE-2021-3572 Overview
A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1.
Critical Impact
Remote attackers can manipulate git references using Unicode separators to install unintended revisions, compromising the integrity of installed packages and potentially introducing malicious code into development environments.
Affected Products
- pypa pip (versions prior to 21.1)
- Oracle Agile PLM 9.3.6
- Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0 and 22.1.0
- Oracle Communications Cloud Native Core Policy 1.15.0 and 22.1.3
Discovery Timeline
- 2021-11-10 - CVE-2021-3572 published to NVD
- 2024-11-21 - Last updated in NVD database
Technical Details for CVE-2021-3572
Vulnerability Analysis
This vulnerability stems from improper input validation in python-pip when processing git references containing Unicode separators. The package manager fails to properly sanitize and validate Unicode characters within git reference strings, allowing attackers to craft malicious references that pip interprets differently than intended. This improper handling enables an attacker to trick pip into installing a different revision than what was specified by the user or project configuration.
The vulnerability affects the supply chain security of Python projects that use pip to install packages directly from git repositories. When developers specify a particular commit hash, tag, or branch to install, an attacker with the ability to influence the git reference string can substitute a malicious revision that pip will silently install instead.
Root Cause
The root cause is classified under CWE-20 (Improper Input Validation). Python-pip did not adequately validate Unicode characters in git references before processing them. Specifically, the code path handling git URL parsing and revision specification failed to normalize or reject Unicode separator characters that could alter how the reference string is interpreted, leading to a situation where visually similar references could resolve to different git commits.
Attack Vector
The attack is network-based and requires some level of user interaction. An attacker who can influence the git reference used in a pip install command—whether through a compromised requirements.txt, a malicious pull request, or a spoofed package source—can craft a git URL containing Unicode separators. These separators are visually similar to legitimate characters but cause pip to resolve to a different git revision than intended. This allows the attacker to serve malicious code while the reference appears legitimate to casual inspection.
The vulnerability requires low privileges to exploit, as the attacker only needs to be able to influence the pip installation source (such as contributing to an open-source project or hosting a malicious package repository). When a developer runs pip install with the manipulated reference, pip fetches and installs the attacker-controlled revision instead of the expected one.
Detection Methods for CVE-2021-3572
Indicators of Compromise
- Unexpected git revisions installed that differ from those specified in requirements.txt or pip commands
- Presence of Unicode separator characters (such as U+2028 Line Separator or U+2029 Paragraph Separator) in pip installation logs or requirements files
- Hash mismatches between expected and installed package versions when using pip's hash verification
- Unusual package behavior or functionality that doesn't align with the expected codebase version
Detection Strategies
- Audit all requirements.txt files and pip installation commands for unusual Unicode characters using hex editors or Unicode-aware text tools
- Implement pip hash verification (--require-hashes) to ensure installed packages match expected cryptographic hashes
- Monitor pip installation logs for any warnings or anomalies during git-based package installations
- Use software composition analysis (SCA) tools to verify installed package versions against known-good manifests
Monitoring Recommendations
- Enable verbose logging for pip operations (pip install -v) to capture detailed git reference resolution information
- Implement CI/CD pipeline checks that validate requirements files for suspicious Unicode characters before processing
- Deploy file integrity monitoring on critical Python environments to detect unexpected package changes
- Regularly compare installed package metadata against expected versions using pip freeze and version pinning
How to Mitigate CVE-2021-3572
Immediate Actions Required
- Upgrade python-pip to version 21.1 or later immediately across all development and production environments
- Audit existing requirements.txt files and installation scripts for potential Unicode separator injection
- Implement hash-based verification for all pip installations using the --require-hashes flag
- Review recently installed packages from git sources to verify correct revisions were installed
Patch Information
The vulnerability is fixed in python-pip version 21.1. Users should upgrade to this version or later to remediate the vulnerability. For downstream distributions, consult vendor-specific advisories:
- Red Hat Bug Report #1962856 provides Red Hat-specific guidance
- Oracle CPU April 2022 Alert addresses affected Oracle products
- Oracle CPU July 2022 Alert provides additional Oracle product patches
- NetApp Security Advisory NTAP-20240621-0006 covers NetApp products
Workarounds
- Use hash verification (--require-hashes) with pip to ensure installed packages match expected cryptographic hashes
- Pin packages to specific versions using == rather than git references where possible
- Implement pre-commit hooks or CI checks to scan requirements files for Unicode anomalies
- Consider using a private PyPI mirror or artifact repository with pre-verified packages instead of direct git installations
# Upgrade pip to patched version
pip install --upgrade pip>=21.1
# Install packages with hash verification
pip install --require-hashes -r requirements.txt
# Check current pip version
pip --version
# Audit requirements file for Unicode characters (Linux/macOS)
cat -A requirements.txt | grep -v "^[[:print:]]*$"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
