2 matches found
CLSA-2025-1763033745 python: Fix of CVE-2025-8194
CVE-2025-8194: fix infinite loop and deadlock in TarFile extraction and entry enumeration APIs...
Use of Incorrectly-Resolved Name or Reference
Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via the tarfile process when errorlevel is set to 0 and a filter is applied. An attacker can cause unauthorized files to be extracted by convincing a privileged user or process to extract a...