CVE-2024-12718 | Python CPython up to 3.14.0b1 TarFile.extractall/TarFile.extract path traversal (Issue 127987)

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability classified as critical has been found in Python CPython up to 3.14.0b1. Affected is the function TarFile.extractall/TarFile.extract. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2024-12718. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-12718 | Python CPython up to 3.14.0b1 TarFile.extractall/TarFile.extract path traversal (Issue 127987)

Post correlati

CVE-2024-39863 | Apache Airflow up to 2.9.2 Provider Installation cross site scripting

CVE-2024-51259 | DrayTek Vigor 3900 1.5.1.3 mainfunction.cgi setup_cacertificate command injection

CVE-2024-8068 | Citrix Session Recording privileges management (CTX691941)

CVE-2025-27275 | andrew_fisher WOO Codice Fiscale Plugin up to 1.6.3 on WordPress cross site scripting