14 matches found
cpython: Tarfile extracts filtered members when errorlevel=0
A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...
BIT-LIBPYTHON-2025-4435 Tarfile extracts filtered members when errorlevel=0
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...
cpython: Tarfile extracts filtered members when errorlevel=0
A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...
cpython: Tarfile extracts filtered members when errorlevel=0
A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...
cpython: Tarfile extracts filtered members when errorlevel=0
A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...
cpython: Tarfile extracts filtered members when errorlevel=0
A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...
cpython: Tarfile extracts filtered members when errorlevel=0
A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...
cpython: Tarfile extracts filtered members when errorlevel=0
A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...
cpython: Tarfile extracts filtered members when errorlevel=0
A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...
cpython: Tarfile extracts filtered members when errorlevel=0
A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...
AZL-62298 CVE-2025-4435 affecting package python3 3.9.19-19
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...
UBUNTU-CVE-2025-4435
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...
Use of Incorrectly-Resolved Name or Reference
Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via the tarfile process when errorlevel is set to 0 and a filter is applied. An attacker can cause unauthorized files to be extracted by convincing a privileged user or process to extract a...
CVE-2025-4435 Tarfile extracts filtered members when errorlevel=0
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...