CVE-2025-4517: Path Traversal in Python Software Foundation CPython

CWE-22 Path Traversal | 11 documents | 9 sources

Severity: 9.4 CRITICAL (NVD)
EPSS: 0.4% (top 39.08%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jun 3; latest update Oct 30

Description

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later th

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Exploitability: 3.9 | Impact: 5.5

Affected Packages (1 package)

CVEList V5: python_software_foundation/cpython, versions 3.10.0 to 3.10.18 (+5 more ranges)

Vulnerability Details (4)

GHSA: GHSA-6r6c-684h-9j7p: Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data" (2025-06-03)
OSV: CVE-2025-4517: Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data" (2025-06-03)
CVEList: Arbitrary writes via tarfile realpath overflow (2025-06-03)
OSV: CVE-2025-4517: Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data" (2025-06-03)

Vendor Advisories (6)

Red Hat: keras: Keras Path Traversal Vulnerability (2025-10-30)
Oracle: Oracle Database Server Risk Matrix: RDBMS (Python) — CVE-2025-4517 (2025-10-15)
Ubuntu: Python vulnerabilities (2025-06-19)
Microsoft: Arbitrary writes via tarfile realpath overflow (2025-06-10)
Red Hat: python: cpython: Arbitrary writes via tarfile realpath overflow (2025-06-03)
CVE-2025-4517 — Path Traversal | cvebase