CVE-2007-4559

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Python tarfile module versions (affected versions not specified)

Description: A directory traversal vulnerability in the extract and extractall functions of the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive. This issue is related to a problem of incorrect restriction of the path name to a directory with limited access, which can allow a remote attacker to execute arbitrary code. It is estimated that up to 350,000 open source projects may be potentially vulnerable to exploitation due to this security flaw.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

ALSA-2023:6324

ALSA-2023:6494

ALSA-2023:6659

ALSA-2023:6694

ALSA-2023:6914

ALSA-2023:7024

ALSA-2023:7034

ALSA-2023:7050

ALSA-2023:7151

ALSA-2023:7176

ALT-PU-2024-2511

ALT-PU-2024-6382

ALT-PU-2024-9093

ALT-PU-2024-9345

AZL-6822

AZL-6828

BDU:2022-05975

BIT-PYTHON-2007-4559

BIT-PYTHON-MIN-2007-4559

CESA-2023_6914

CESA-2023_7024

CESA-2023_7034

CESA-2023_7050

CESA-2023_7151

CESA-2023_7176

CVE-2007-4559

OESA-2023-1518

OESA-2023-1519

OESA-2023-1520

OESA-2024-2304

OPENSUSE-SU-2023_2641-1

OPENSUSE-SU-2023_2884-1

OPENSUSE-SU-2023_2937-1

OPENSUSE-SU-2023_2957-1

OPENSUSE-SU-2024:12684-1

OPENSUSE-SU-2024:12947-1

OPENSUSE-SU-2024:12964-1

OPENSUSE-SU-2024:12976-1

OPENSUSE-SU-2024:12977-1

OPENSUSE-SU-2024:13071-1

OPENSUSE-SU-2025:15104-1

PSF-2007-2

RHSA-2023:6324

RHSA-2023:6494

RHSA-2023:6659

RHSA-2023:6694

RHSA-2023:6793

RHSA-2023:6914

RHSA-2023:7024

RHSA-2023:7034

RHSA-2023:7050

RHSA-2023:7151

RHSA-2023:7176

RHSA-2023_6324

RHSA-2023_6494

RHSA-2023_6659

RHSA-2023_6694

RHSA-2023_6914

RHSA-2023_7024

RHSA-2023_7034

RHSA-2023_7050

RHSA-2023_7151

RHSA-2023_7176

RHSA-2024:0374

RHSA-2024:0430

RHSA-2024:0587

SUSE-SU-2023:2463-1

SUSE-SU-2023:2473-1

SUSE-SU-2023:2509-1

SUSE-SU-2023:2517-1

SUSE-SU-2023:2641-1

SUSE-SU-2023:2778-1

SUSE-SU-2023:2884-1

SUSE-SU-2023:2937-1

SUSE-SU-2023:2957-1

SUSE-SU-2023_2473-1

SUSE-SU-2023_2517-1

SUSE-SU-2023_2641-1

SUSE-SU-2023_2957-1

SUSE-SU-2026:0210-1

Affected Products

Alt Linux

Almalinux

Centos

Python Tarfile Module

Red Hat

Rocky Linux

Suse

CVE-2007-4559

Weakness Enumeration

Related Identifiers

Affected Products

References · 151