3 matches found
TencentOS Server 4: python3.12 (TSSA-2025:0625)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0625 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
ROS-20250819-06
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of restricted directory. Python programming language interpreter CPython functions TarFile.extractall and...
cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract or TarFile.extractall with the filte...