PT-2025-23611 · Python+11
Caleb Brown +5
Published 2025-06-02 · Updated 2026-05-18
CVE-2025-4517
CVSS v2.0: 9.7 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:P
Name of the Vulnerable Software and Affected Versions
Python versions 3.12 and later
Description
The issue allows arbitrary filesystem writes outside the extraction directory when the tarfile module is used with filter="data" to extract an untrusted tar archive. This affects users of Python 3.12 or later, as earlier versions do not include the extraction filter feature. For Python 3.14 or later, the default value of filter changed to "data", so users who rely on that default without passing filter explicitly are also affected.
Recommendations
For Python 3.12 and later, update to a version in which the issue is fixed; the change of default behavior in Python 3.14 and later may affect existing usage.
As a temporary workaround, consider avoiding the use of the filter parameter with a value of "data" or "tar" in TarFile.extractall() or TarFile.extract() until a patch is available.
Restrict access to untrusted tar archives to minimize the risk of exploitation.
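The recommendations above amount to "do not trust the data filter alone with untrusted archives". As an added defensive example (not code from the advisory, from CPython, or from any listed vendor), the wrapper below pre-checks every member before extraction: it refuses anything that is not a regular file or directory (so links are never resolved at all), refuses absolute names, and refuses any member whose resolved target path falls outside the destination. The stdlib "data" filter is still applied on top where the interpreter offers it, as a second layer. The archive, its member names and the helper names (reject_reason, safe_extract, build_sample_archive, run_demo) are constructed for this example and are assumptions, not artifacts of the advisory.

```python
import io
import os
import tarfile
import tempfile


def reject_reason(member, dest_real):
    """Return why a member must not be extracted into dest_real, or None if it is acceptable.

    Assumption of this example: the caller only needs regular files and directories,
    so every symlink, hardlink, device or FIFO entry is refused outright rather than resolved.
    """
    if not (member.isreg() or member.isdir()):
        return "not a regular file or directory"
    if member.name.startswith(("/", "\\")) or os.path.isabs(member.name):
        return "absolute path"
    # Resolve the would-be target (following any symlink already present under dest)
    # and require it to stay inside the destination directory.
    target = os.path.realpath(os.path.join(dest_real, member.name))
    try:
        if os.path.commonpath([dest_real, target]) != dest_real:
            return "escapes destination"
    except ValueError:  # different drives on Windows: cannot be inside dest
        return "escapes destination"
    return None


def safe_extract(archive_bytes, dest):
    """Extract only members that pass reject_reason.

    Returns (list of extracted names, list of (name, reason) for refused members).
    """
    dest_real = os.path.realpath(dest)
    extracted, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tf:
        for member in tf:
            reason = reject_reason(member, dest_real)
            if reason is not None:
                rejected.append((member.name, reason))
                continue
            if hasattr(tarfile, "data_filter"):
                # Keep the stdlib data filter as a second layer where it exists
                # (3.12+ and the backported 3.8-3.11 patch releases); our check ran first.
                tf.extract(member, path=dest, filter="data")
            else:
                tf.extract(member, path=dest)
            extracted.append(member.name)
    return extracted, rejected


def build_sample_archive():
    """Constructed in-memory archive for the demo: one benign file, one member whose
    name climbs out of the destination, and one symlink. Sample data, not from the advisory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        payload = b"hello\n"
        info = tarfile.TarInfo("docs/readme.txt")
        info.size = len(payload)
        tf.addfile(info, io.BytesIO(payload))

        info = tarfile.TarInfo("../escape.txt")
        info.size = 1
        tf.addfile(info, io.BytesIO(b"x"))

        info = tarfile.TarInfo("link")
        info.type = tarfile.SYMTYPE
        info.linkname = "outside"
        tf.addfile(info)
    return buf.getvalue()


def run_demo():
    """Extract the sample archive into a fresh temporary directory.

    Returns (extracted names, refused names, bytes of the one file that should exist).
    """
    with tempfile.TemporaryDirectory() as dest:
        extracted, rejected = safe_extract(build_sample_archive(), dest)
        with open(os.path.join(dest, "docs", "readme.txt"), "rb") as fh:
            content = fh.read()
    return extracted, [name for name, _ in rejected], content


if __name__ == "__main__":
    print(run_demo())
```

Because the pre-check refuses every link-type member and resolves each target with os.path.realpath before anything is written, the outcome does not depend on which filter the interpreter applies afterwards, which is the property the workaround in the recommendations is after. The cost is that archives that legitimately contain symlinks are not supported by this wrapper; if they must be, the link targets need the same resolved-path check rather than a blanket refusal.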
Exploit
Fix
Path traversal
Weakness Enumeration
Related Identifiers
Affected Products
Almalinux
Astra Linux
Centos
Debian
Ibm Aix
Linuxmint
Python
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu