GHSA-ffj4-jq7m-9g6v

Source

https://github.com/advisories/GHSA-ffj4-jq7m-9g6v

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/01/GHSA-ffj4-jq7m-9g6v/GHSA-ffj4-jq7m-9g6v.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-ffj4-jq7m-9g6v

Aliases

CVE-2026-22870

Published

2026-01-13T21:54:41Z

Modified

2026-02-03T02:58:45.054401Z

Severity

7.1 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS Calculator

Summary

GuardDog Zip Bomb Vulnerability in safe_extract() Allows DoS

Details

Summary

GuardDog's safe_extract() function does not validate decompressed file sizes when extracting ZIP archives (wheels, eggs), allowing attackers to cause denial of service through zip bombs. A malicious package can consume gigabytes of disk space from a few megabytes of compressed data.

Vulnerability Details

Affected Component: guarddog/utils/archives.py - safe_extract() function
Vulnerability Type: CWE-409 - Improper Handling of Highly Compressed Data (Zip Bomb)
Severity: HIGH (CVSS ~8)
Attack Vector: Network (malicious package uploaded to PyPI/npm) or local

Root Cause

The safe_extract() function handles TAR files securely using the tarsafe library, but ZIP file extraction has no size validation:

elif zipfile.is_zipfile(source_archive):
    with zipfile.ZipFile(source_archive, "r") as zip:
        for file in zip.namelist():
            zip.extract(file, path=os.path.join(target_directory, file))

Missing protections: - ❌ No decompressed size limit - ❌ No compression ratio validation
- ❌ No file count limits - ❌ No total extracted size validation

Impact

Denial of Service Scenarios

1. CI/CD Pipeline Disruption - Attacker publishes malicious package to PyPI - Developer adds package to requirements.txt - CI/CD runs GuardDog scan - Disk fills (GitHub Actions: standard 14GB limit) - All deployments blocked

2. Resource Exhaustion - Local development environments - Security scanning infrastructure
- Automated scanning systems - Docker containers with limited disk

3. Supply Chain Attack Amplification - Single malicious package blocks security scanning - Prevents detection of other malicious packages - Forces manual intervention - Increases security team workload

Recommended Fix

Add size validation for ZIP files similar to what tarsafe provides for TAR files

Configuration Options

Make limits configurable via environment variables or config file

Additional Improvements

Add warning logs when archives approach limits
Provide clear error messages for users
Document limits in user-facing documentation
Add tests for zip bomb detection
Consider using a safe ZIP library (similar to tarsafe)

Credit

Reported by: Charbel (dwbruijn)

Database specific

{
    "github_reviewed": true,
    "severity": "HIGH",
    "nvd_published_at": "2026-01-13T21:15:55Z",
    "cwe_ids": [
        "CWE-409"
    ],
    "github_reviewed_at": "2026-01-13T21:54:41Z"
}

References

Affected packages

PyPI / guarddog

Package

Name: guarddog; View open source insights on deps.dev
Purl: pkg:pypi/guarddog

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.7.1

Affected versions

0.*

0.1.1

0.1.3

0.1.4

0.1.5

0.1.6

0.1.7

0.1.8

0.1.9

0.1.10

1.*

1.0.0

1.0.1

1.0.2

1.1.0

1.1.1

1.1.2

1.1.3

1.1.4

1.2

1.2.1

1.3.0

1.4.0

1.5.0

1.5.1

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.6.0

1.7.0

1.8.0

1.8.1

1.8.2

1.9.0

1.10.0

1.10.1

1.11.0

1.11.1

1.11.2

2.*

2.0.0

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5

2.0.6

2.1.0

2.2.0

2.3.0

2.4.0

2.5.0

2.6.0

2.7.0

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/01/GHSA-ffj4-jq7m-9g6v/GHSA-ffj4-jq7m-9g6v.json"