CVE-2019-20907

2020-07-13T13:15:00
ID CVE-2019-20907
Type cve
Reporter cve@mitre.org
Modified 2021-07-21T11:39:00

Description

In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.