CVE-2025-4138 | Python CPython up to 3.14.0b1 TarFile.extractall/TarFile.extract path traversal (Issue 135034)

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability classified as critical was found in Python CPython up to 3.14.0b1. Affected by this vulnerability is the function TarFile.extractall/TarFile.extract. The manipulation leads to path traversal.

This vulnerability is known as CVE-2025-4138. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-4138 | Python CPython up to 3.14.0b1 TarFile.extractall/TarFile.extract path traversal (Issue 135034)

Post correlati

CVE-2025-4609 | Google Chrome up to 136.0.7103.92 Mojo privilege escalation

CVE-2024-20279 | Cisco Application Policy Infrastructure Controller (APIC) Restricted Security Domain access control (cisco-sa-apic-cousmo-uBpBYGbq)

CVE-2025-5285 | Product Subtitle for WooCommerce Plugin up to 1.3.9 on WordPress htmlTag cross site scripting

CVE-2024-3013 | FLIR AX8 up to 1.46.16 User Registration test_login.php improper authorization