USN-8367-1: tar-fs vulnerabilities

It was discovered that tar-fs did not properly limit paths when extracting crafted tar files. An attacker could possibly use this issue to write or overwrite files outside the intended extraction directory. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-12905 It was...

RockyLinux 8 : python3 (RLSA-2025:10128)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10128 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside extraction...

python3 security update

An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language,...

RLSA-2025:10128 Important: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

EUVD-2026-19317

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

CVE-2026-5704

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

CVE-2026-5704

CVE-2026-5704 affects the tar component. A flaw allows a remote attacker to craft an archive that injects hidden files with attacker-controlled content, bypassing pre-extraction inspection and potentially introducing malicious files to a system without detection. The vulnerability is described wi...

CVE-2026-5704 Tar: tar: hidden file injection via crafted archives

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

EulerOS Virtualization 2.13.1 : python-pip (EulerOS-SA-2026-1640)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn'...

CVE-2026-26960

node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting use...

📄 Python Tarfile Bypass

This proof of concept exploit targets CVE-2025-4138, a vulnerability in Python's built-in tarfile module when extracting archives using filter="data". The issue allows a crafted archive to bypass intended path restrictions by abusing filesystem path length handling and symbolic link resolution...

PT-2026-20374

Name of the Vulnerable Software and Affected Versions node-tar versions 7.5.7 and below node-tar version 7.5.8 Description The node-tar package contains a flaw where an attacker-controlled archive, when extracted using default options, can create a hardlink inside the extraction directory that...

Exploit for CVE-2025-4138

CVE-2025-4138 / CVE-2025-4517Python tarfile Filter Bypass via PA...

PT-2026-7666

Name of the Vulnerable Software and Affected Versions BusyBox affected versions not specified Description A flaw exists in BusyBox that allows an attacker to modify files outside the intended extraction directory. This is achieved by creating a malicious tar archive with unvalidated hardlink or...

SUSE-SU-2026:0210-1 Security update for python3

This update for python3 fixes the following issues: Security fixes: - CVE-2025-4517: Fixed arbitrary filesystem writes outside the extraction directory during extraction with filter='data' bsc1244032 - CVE-2025-4330: Fixed extraction filter bypass for linking outside extraction directory bsc12440...

MiracleLinux 7 : python3-3.6.8-21.0.5.0.2.el7.AXS7 (AXSA:2025-11111:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11111:08 advisory. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4517: fix multiple tarfile extraction filter bypasses filter=tar/filter=data...

MiracleLinux 8 : python3.12-3.12.11-1.el8_10 (AXSA:2025-10429:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10429:06 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...

MiracleLinux 9 : python3.12-3.12.9-1.el9_6.1 (AXSA:2025-10625:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10625:08 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...

AlmaLinux 8 : python39:3.9 (ALSA-2025:23530)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23530 advisory. python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-5642 python: Virtual environment venv activation scripts don't...

cpython: python: Extraction filter bypass for linking outside extraction directory

A flaw was found in CPython's tarfile module. This vulnerability allows bypassing of extraction filters, enabling symlink traversal outside the intended extraction directory and potential modification of file metadata via malicious tar archives using TarFile.extractall or TarFile.extract with the...