Critical Vulnerability Found in Python TarFile Module Allows File System Manipulation

Experts in information security have identified five vulnerabilities in the `tarfile` module of Python, which is included in the standard library and provides functions for reading and writing tar archives. One of these vulnerabilities has been classified as critical.

According to information from OpenNET, the vulnerabilities have been addressed in the releases of Python 3.13.4 and 3.12.11. The most severe issue, identified as CVE-2025-4517, allows an attacker to write files to any part of the file system when unpacking a specially crafted archive. If exploited in system scripts that utilize `tarfile` and are executed with root privileges—such as package management tools and isolated container utilities—this vulnerability could be leveraged to escalate privileges or escape the confines of an isolated container.

CVE-2025-4517 affects projects that use the `tarfile` module to unpack untrusted tar archives via the `TarFile.extractall()` or `TarFile.extract()` functions with the `filter=` argument set to `"data"` or `"tar"`. The vulnerability is caused by improper handling of the `..` sequence in link names. It affects Python versions starting from 3.12. The `filter="data"` mode is the default in the upcoming Python 3.14 branch, expected to be released in autumn 2025.

Other vulnerabilities within TarFile include:

— **CVE-2025-4330**: This allows bypassing the extraction filter, potentially leading to the extraction of a symbolic link that points outside the base directory into which the archive is being unpacked.

— **CVE-2025-4138**: It permits the creation of arbitrary symbolic links outside the base directory when unpacking archives with the `filter="data"` option.

— **CVE-2024-12718**: This vulnerability enables the alteration of metadata (such as modification times) of files outside the base directory when unpacking archives with `filter="data"`, or changing access permissions (chmod) when unpacking with `filter="tar"`.

— **CVE-2025-4435**: If the `TarFile.errorlevel` parameter is set to 0 during extraction, elements of the archive that match the specified filter are unpacked instead of being ignored, contrary to the documentation.
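Because every issue above concerns what a member's name or link target resolves to relative to the destination directory, a caller that cannot yet move to 3.13.4 / 3.12.11 can audit those fields itself before handing the archive to `extractall(filter="data")`. The following is an added illustration, not code from the advisory or from CPython; `audit_archive`, `safe_extract`, `build_archive` and the two sample archives are constructed for it, and the audit is defence in depth in front of the filter rather than a replacement for upgrading.

```python
import io
import os
import tarfile

def _escapes(base: str, target: str) -> bool:
    """True if target, resolved lexically under base, lands outside base."""
    base = os.path.realpath(base)
    full = os.path.realpath(os.path.join(base, target))
    return os.path.commonpath([base, full]) != base

def audit_members(tar: tarfile.TarFile, dest: str) -> list[str]:
    """One message per member that must not land in dest; link targets included."""
    problems = []
    for m in tar.getmembers():
        if os.path.isabs(m.name) or _escapes(dest, m.name):
            problems.append(f"{m.name}: name escapes destination")
        if m.issym() or m.islnk():
            # symlink targets are relative to the link's directory, hardlinks to the root
            link_base = os.path.dirname(m.name) if m.issym() else ""
            if os.path.isabs(m.linkname) or _escapes(dest, os.path.join(link_base, m.linkname)):
                problems.append(f"{m.name}: link target {m.linkname!r} escapes destination")
    return problems

def audit_archive(data: bytes, dest: str) -> list[str]:
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        return audit_members(tar, dest)

def safe_extract(data: bytes, dest: str) -> None:
    # the audit is defence in depth in front of the filter; the real fix is upgrading
    if problems := audit_archive(data, dest):
        raise ValueError("refusing to extract: " + "; ".join(problems))
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        tar.extractall(dest, filter="data")  # Python 3.12+ or a backport of the filter API

def build_archive(entries) -> bytes:
    """Constructed sample data: entries are (name, symlink target or None, payload)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, linkname, payload in entries:
            info = tarfile.TarInfo(name)
            if linkname is not None:
                info.type, info.linkname = tarfile.SYMTYPE, linkname
                tar.addfile(info)
            else:
                info.size = len(payload)
                tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()

# constructed samples: one well-formed archive, one whose name and link target leave dest
BENIGN = build_archive([("app/config.txt", None, b"ok\n"), ("app/link", "config.txt", b"")])
ESCAPING = build_archive([("app/link", "../../outside", b""), ("../evil.txt", None, b"x")])
```

`audit_archive(ESCAPING, "/srv/unpack")` reports both the traversing name and the symlink target, while the benign archive passes clean.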