Skip to main content
CVE Vulnerability Database

CVE-2025-8291: Python Zipfile Module Parsing Vulnerability

CVE-2025-8291 is a ZIP archive parsing flaw in Python's zipfile module that allows malicious ZIP files to be handled inconsistently. This article covers the technical details, affected versions, impact, and mitigation.

Published:

CVE-2025-8291 Overview

CVE-2025-8291 is a parsing inconsistency vulnerability in the Python zipfile module. The module fails to validate the offset value in the ZIP64 End of Central Directory (EOCD) Locator record. Instead of using that offset to locate the ZIP64 EOCD record, the module assumes the EOCD record is the previous record in the archive. Attackers can craft ZIP archives that zipfile parses differently than other ZIP implementations, enabling parser confusion attacks. This weakness is tracked as CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input.

Critical Impact

Parser differentials between Python zipfile and other ZIP tools can be abused to bypass security scanners, antivirus engines, and content inspection that rely on consistent archive parsing.

Affected Products

  • CPython zipfile module (multiple versions prior to patch)
  • Python applications and tooling that consume ZIP archives via the standard library
  • Security scanners and archive processors built on CPython zipfile

Discovery Timeline

  • 2025-10-07 - CVE-2025-8291 published to NVD
  • 2026-04-15 - Last updated in NVD database

Technical Details for CVE-2025-8291

Vulnerability Analysis

The Python zipfile module handles ZIP64 archives, an extension to the ZIP format that supports files and archives larger than 4 GB. ZIP64 archives include a ZIP64 EOCD Locator record that specifies the byte offset of the ZIP64 EOCD record within the archive. The zipfile module reads the Locator but does not use the offset field to seek to the ZIP64 EOCD record. Instead, it treats the record immediately preceding the Locator as the ZIP64 EOCD record.

This behavior diverges from the ZIP specification and from implementations that honor the offset field. An attacker who controls archive structure can place a benign ZIP64 EOCD record where zipfile will read it, while pointing the Locator offset at a different EOCD record that other parsers will use. The result is a single archive that yields two different file listings depending on the parser. This class of weakness is referred to as a parser differential or schism attack.

Root Cause

The root cause is missing input validation. The zipfile module never compares the Locator's stated offset against the actual position used to read the ZIP64 EOCD record. Remediation preserves the previous behavior of reading the prior record but adds a check that the offset declared in the Locator matches the expected position.

Attack Vector

Exploitation requires user interaction, typically by inducing a victim or automated pipeline to process a malicious ZIP archive. An attacker crafts a ZIP64 archive with conflicting EOCD structures. Antivirus, sandbox, or content-inspection tools that use a spec-compliant ZIP parser see one set of contents. Downstream Python code using zipfile extracts a different set. This can be abused to smuggle malicious files past scanners or to bypass allowlists that inspect archive contents before delivery to a Python consumer.

No verified public exploit code is published for this issue. Technical detail is available in the Google security advisory GHSA-hhv7-p4pg-wm6p and the CPython issue #139700.

Detection Methods for CVE-2025-8291

Indicators of Compromise

  • ZIP archives where the ZIP64 EOCD Locator offset does not point to the byte position of the ZIP64 EOCD signature (0x06064b50)
  • Archives containing multiple EOCD or ZIP64 EOCD records with differing central directory pointers
  • Discrepancies between file listings produced by unzip, 7z, and Python zipfile.ZipFile.namelist() on the same archive

Detection Strategies

  • Parse incoming ZIP archives with two independent implementations and compare file listings, sizes, and CRCs for mismatches
  • Validate that the offset declared in the ZIP64 EOCD Locator record matches the actual file position of the ZIP64 EOCD record before processing
  • Flag archives that contain unreferenced or duplicate EOCD structures during preprocessing in mail gateways and upload handlers

Monitoring Recommendations

  • Log Python runtime and interpreter versions in build and CI systems to identify hosts still running an unpatched zipfile
  • Monitor file processing pipelines for parser errors or content mismatches between scanning and extraction stages
  • Track ZIP archives originating from untrusted sources that target Python-based services, including data ingestion APIs and CI/CD artifact handlers

How to Mitigate CVE-2025-8291

Immediate Actions Required

  • Upgrade CPython to a patched release that includes the fix from commits 1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46 and 162997bb70e067668c039700141770687bc8f267
  • Inventory applications that accept ZIP archives from untrusted sources and prioritize patching those systems
  • Rebuild and redeploy container images and virtual environments that bundle vulnerable Python versions

Patch Information

The CPython project addressed CVE-2025-8291 by retaining the existing parsing behavior while adding a validation step. The patched zipfile now verifies that the offset specified in the ZIP64 EOCD Locator matches the expected position of the ZIP64 EOCD record. Review the Python Security Announcement, the PSF advisory PSF-2025-12, and the GitHub Pull Request #139702 for fix details.

Workarounds

  • Pre-validate ZIP archives with a spec-compliant parser and reject any archive where the ZIP64 EOCD Locator offset does not match the ZIP64 EOCD signature location
  • Require archives to be re-packed by a trusted tool before passing them to Python zipfile consumers
  • Restrict the use of zipfile on attacker-controlled input until patched interpreters are deployed across all hosts
bash
# Verify the installed Python version after patching
python3 --version
python3 -c "import zipfile, sys; print(zipfile.__file__); print(sys.version)"

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.