Tarfile · Tarfile · CVE-2025-4435
**Name of the Vulnerable Software and Affected Versions**
The product name cannot be determined.
**Description**
The issue concerns the behavior of TarFile when extracting with a filter and `TarFile.errorlevel = 0`. The documented behavior is that any filtered members should be skipped and not extracted. However, the actual behavior in affected versions is that the member would still be extracted and not skipped.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.