Astra Linux - уязвимость в python3.11

When using TarFile.errorlevel = 0 and extracting with a filter, the documented behavior is that any filtered members would be skipped and not extracted. However, the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member will still be extracted and not skipped...

cpython: Tarfile extracts filtered members when errorlevel=0

A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an incorrect calculation in python [CVE-2025-4435]

Summary IBM Watson Speech Services Cartridge is vulnerable to an incorrect calculation in python, due to an issue with 'TarFile.errorlevel = 0 ' that causes filtered members to be skipped and not extracted CVE-2025-4435. Python is used in our speech service runtimes. This vulnerabilitiy has been...

EUVD-2025-16725

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-4435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. Howeve...

cpython: Tarfile extracts filtered members when errorlevel=0

A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms...

SUSE CVE-2025-4435

When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...

CVE-2025-4435

When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...

DEBIAN-CVE-2025-4435

When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...

PSF-2025-8

When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...

CPython 安全漏洞

CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from a filter member not being skipped and still being extracted when TarFile.errorlevel = 0...