17 matches found

OSV
added 2026/03/24 8:47 a.m.

BIT-MLFLOW-2025-15031 Path Traversal Vulnerability in mlflow/mlflow

A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handling of tar archive entries. Specifically, the use of tarfile.extractall without path validation enables crafted tar.gz files containing .. or absolute paths to escape the intended extractio...

CVSS 9.1 · AI score 7.7 · EPSS 0.00708
Exploits: 1 · References: 2
RedHat Linux
added 2025/12/18 1:35 a.m.

cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory

A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract or TarFile.extractall with the filte...

CVSS 7.5 · AI score 7.3 · EPSS 0.01109
Exploits: 7 · References: 10
Github Security Blog
added 2025/12/02 12:58 a.m.

Keras Directory Traversal Vulnerability

Summary: Keras's keras.utils.get_file function is vulnerable to directory traversal attacks despite implementing filter_safe_paths. The vulnerability exists because extract_archive uses Python's tarfile.extractall method without the security-critical filter="data" parameter. A PATH_MAX symlink resoluti...

CVSS 8.9 · AI score 7.7 · EPSS 0.00547
Exploits: 0 · References: 7 · Affected Software: 1
OSV
added 2025/10/30 5:15 p.m.

CVE-2025-12060

The keras.utils.get_file API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special...

CVSS 8.9 · AI score 7.5
Exploits: 0 · References: 2
EUVD
added 2025/10/03 8:07 p.m.

EUVD-2024-34368

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 7.6 · EPSS 0.01599
Exploits: 0 · References: 2
Redos
added 2025/08/19 12:00 a.m.

ROS-20250819-06

A vulnerability in the TarFile.extractall and TarFile.extract functions of the tarfile module of the CPython interpreter is related to incorrect restriction of a path name to a restricted directory. The CPython functions TarFile.extractall and...

CVSS 9.4 · AI score 5.9 · EPSS 0.01184
Exploits: 11
RedHat Linux
added 2025/07/07 4:21 p.m.

cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory

A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract or TarFile.extractall with the filte...

CVSS 7.5 · AI score 6.6 · EPSS 0.01109
Exploits: 7 · References: 10
Github Security Blog
added 2025/03/20 12:32 p.m.

Aim External Control of File Name or Path vulnerability

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to exploit the tarfile.extractall function to extract the contents of a maliciously crafted tarfile to arbitrary locations on the host server. The attacker can control repo.path and run_hash to bypass directory existence checks and...

CVSS 9.1 · AI score 7 · EPSS 0.00754
Exploits: 1 · References: 3 · Affected Software: 1
CVE
added 2025/03/20 10:10 a.m.

CVE-2024-6829

CVE-2024-6829 affects aimhubio/aim 3.19.3. The vulnerability arises in tarfile.extractall(), allowing an attacker-controlled tarfile to be extracted to arbitrary locations on the host by manipulating repo.path and run_hash. This bypasses directory existence checks and can result in arbitrary file...

CVSS 9.1 · AI score 7.1 · EPSS 0.00754
Exploits: 1 · References: 1 · Affected Software: 1
BDU FSTEC
added 2025/01/21 12:00 a.m.

A vulnerability in the tarfile.extractall method in the TrueNAS CORE operating system allows an attacker to execute arbitrary code.

The vulnerability in the tarfile.extractall method in the TrueNAS CORE operating system is related to an incorrect limitation of a path name to a restricted directory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

CVSS 7.5 · AI score 7.6 · EPSS 0.01599
Exploits: 0 · References: 5 · Affected Software: 1
OSV
added 2024/12/30 9:15 p.m.

CVE-2024-11944

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. T...

CVSS 8.8 · AI score 5.8
Exploits: 0 · References: 2
Prion
added 2024/12/30 9:15 p.m.

CVE-2024-11944

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. T...

EPSS 0.01599
Exploits: 0 · References: 2
CNNVD
added 2024/12/30 12:00 a.m.

iXsystems TrueNAS CORE Path Traversal Vulnerability

iXsystems TrueNAS CORE is an open source storage software from iXsystems. A path traversal vulnerability exists in iXsystems TrueNAS CORE version 13.3-RELEASE, which stems from a lack of proper validation of user-supplied paths in the tarfile.extractall method, which could lead to directory...

CVSS 8.8 · AI score 7.9 · EPSS 0.01599
Exploits: 0 · References: 3
Positive Technologies
added 2024/11/27 12:00 a.m.

PT-2024-10212 · Ixsystems · Truenas Core

Name of the Vulnerable Software and Affected Versions: iXsystems TrueNAS CORE versions prior to 13.0-U6.3. Description: The issue is related to the tarfile.extractall method, which lacks proper validation of a user-supplied path prior to using it in file operations. This allows network-adjacent...

CVSS 8.8 · AI score 7.7 · EPSS 0.01599
Exploits: 0 · References: 18
OSV
added 2023/06/08 7:42 a.m.

SUSE-SU-2023:2463-1 Security update for python310

This update for python310 fixes the following issues: - CVE-2007-4559: Fixed filter for tarfile.extractall (bsc#1203750)...

CVSS 9.8 · AI score 9.6 · EPSS 0.27095
Exploits: 3 · References: 3
Positive Technologies
added 2023/03/30 12:00 a.m.

PT-2023-22817 · Mindsdb +1 · Mindsdb +1

Name of the Vulnerable Software and Affected Versions: mindsdb versions prior to 23.2.1.0. Description: The issue is related to an unsafe extraction performed using tarfile.extractall from a remotely retrieved tarball, which may lead to the writing of extracted files to an unintended location. Thi...

CVSS 8.7 · AI score 7.2 · EPSS 0.01
Exploits: 1 · References: 12
Positive Technologies
added 2022/12/02 12:00 a.m.

PT-2022-16057 · Python +1 · Tarfile.Tarfile +1

Name of the Vulnerable Software and Affected Versions: GuardDog versions prior to 0.1.5. Description: The issue allows an attacker to write an arbitrary file on the machine where GuardDog is executed due to a path traversal vulnerability when extracting the .tar.gz file of the package being scanne...

CVSS 7.8 · AI score 7.7 · EPSS 0.0059
Exploits: 0 · References: 13