BIT-LIBPYTHON-2024-12718 Bypass extraction filter to modify file metadata outside extraction directory
Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...