Description
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata.

You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() with the filter= parameter set to "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information.

Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to "data", so if you are relying on this new default behavior then your usage is also affected.

Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives, as source distributions already allow arbitrary code execution during the build process. However, when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
Published: 2025-06-03
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary file manipulation outside extraction directory (Path Traversal)
Action: Patch immediately
AI Analysis

Impact

This flaw lets the tarfile module ignore the extraction filter, permitting attackers to craft tar archives that create symbolic links pointing to arbitrary locations outside the intended extraction directory. When TarFile.extractall() or TarFile.extract() is called with filter='data' or 'tar', the symlink creation is not constrained, and file metadata can be altered. The result is potential overwrite of critical files, enabling persistence or privilege escalation. The weakness is a Path Traversal flaw (CWE‑22).

Affected Systems

The vulnerability affects CPython, the official Python implementation, wherever the tarfile module can be invoked with the extraction filters 'data' or 'tar'. Python 3.14 and later are affected even when filter= is not passed, because the default changed from 'no filtering' to 'data', so on those versions any use of tarfile to extract untrusted archives is exposed. Many Linux distributions, including Red Hat Enterprise Linux 8 to 10, ship affected Python versions, making them susceptible if they run applications that perform tar extraction.

Risk and Exploitability

The CVSS score of 7.5 signals high severity for the potential to write across file boundaries, and the EPSS score below 1% indicates that exploitation is expected to be rare at present. The vulnerability is not listed in the CISA KEV catalog. Attackers can exploit the flaw by delivering malicious tar archives to a Python process that performs extraction with the 'data' or 'tar' filters, whether the archive arrives locally or over a network. The attack requires that the victim process actually extract the archive; the flaw does not grant arbitrary code execution by itself, but it can lead to integrity compromise or serve as a foothold for further escalation.

Generated by OpenCVE AI on April 22, 2026 at 11:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade CPython to the latest release that includes the tarfile filter fix.
  • If upgrading is not immediately possible, avoid using the 'data' or 'tar' extraction filters; instead, implement a custom filter that rejects symlinks pointing outside the intended directory.
  • Only extract tar archives from trusted sources and validate the target paths before extraction, ensuring that absolute paths, paths that escape the destination, and symlinks pointing outside it are all rejected.
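The second and third recommended actions above (a custom filter that rejects symlinks pointing outside the intended directory, and validating target paths before extraction) can both be met with one filter callable written for the tarfile filter= protocol, which receives each TarInfo plus the destination path and returns a (possibly modified) TarInfo or raises. The block below is an added example, not code from CPython, the PSF advisory or OpenCVE; SafeFilter, UnsafeMember, audit_archive, build_sample_archive and the members of the in-memory sample archive are all constructed for it. It goes slightly beyond the bullet: besides absolute and parent-relative names and link targets, it remembers every symlink it approves and refuses any later member whose path or link target passes through one, so it does not depend on how the standard 'data' and 'tar' filters resolve link chains.

```python
"""Hardened extraction filter for tarfile (added example: not CPython's own
data/tar filter and not OpenCVE code; every name here is constructed)."""
import copy
import io
import os
import posixpath
import tarfile

# FilterError only exists on releases with the filter= API; fall back so the
# dry-run audit below still works on older interpreters.
_FilterError = getattr(tarfile, "FilterError", Exception)


class UnsafeMember(_FilterError):
    # Raised for a member the filter refuses; extractall() aborts on it.
    def __init__(self, tarinfo, reason):
        self.tarinfo, self.reason = tarinfo, reason
        super().__init__(f"{tarinfo.name!r}: {reason}")


def _escapes(rel):
    # A normalized POSIX path leaves the destination iff it is absolute or
    # starts with a parent reference.
    return rel.startswith("/") or rel == ".." or rel.startswith("../")


def _prefixes(rel):
    # "a/b/c" -> {"a", "a/b", "a/b/c"}: components that must not be symlinks.
    parts = rel.split("/")
    return {"/".join(parts[:i]) for i in range(1, len(parts) + 1)}


class SafeFilter:
    """Callable for TarFile.extract*(filter=...): rejects anything that could
    touch the filesystem outside dest_path and strips setuid/setgid/sticky bits.
    Stateful on purpose: approved symlinks are remembered, and a later member
    whose path or link target passes through one of them is refused."""

    def __init__(self):
        self._archive_symlinks = set()

    def _check_chain(self, member, rel, what):
        for prefix in _prefixes(rel):
            if prefix in self._archive_symlinks:
                raise UnsafeMember(member, f"{what} passes through archive symlink {prefix!r}")

    def __call__(self, member, dest_path):
        name = posixpath.normpath(member.name)  # collapses "./" and "a/../b"
        if os.path.isabs(member.name) or _escapes(name):
            raise UnsafeMember(member, "path outside destination")
        self._check_chain(member, name, "path")
        # Symlinks already present on disk (not from this archive) are caught
        # by resolving the would-be target path.
        base = os.path.realpath(dest_path)
        if os.path.commonpath([base, os.path.realpath(os.path.join(base, name))]) != base:
            raise UnsafeMember(member, "on-disk path resolves outside destination")
        if member.issym() or member.islnk():
            if posixpath.isabs(member.linkname) or os.path.isabs(member.linkname):
                raise UnsafeMember(member, "absolute link target")
            if member.issym():  # symlink targets are relative to the link's directory
                target = posixpath.normpath(posixpath.join(posixpath.dirname(name), member.linkname))
            else:               # hard link targets are relative to the archive root
                target = posixpath.normpath(member.linkname)
            if _escapes(target):
                raise UnsafeMember(member, f"link target {member.linkname!r} outside destination")
            self._check_chain(member, target, "link target")
        elif not (member.isfile() or member.isdir()):
            raise UnsafeMember(member, "special file (device/fifo) not allowed")
        clean = copy.copy(member)         # same approach TarInfo.replace() takes
        clean.name = name
        clean.mode = member.mode & 0o777  # drop setuid, setgid and sticky bits
        if member.issym():
            self._archive_symlinks.add(name)
        return clean


def audit_archive(tar_bytes, dest_path="extract-demo"):
    """Dry run: {member name: verdict} without writing anything to disk."""
    verdicts, flt = {}, SafeFilter()
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:") as tf:
        for member in tf:
            try:
                verdicts[member.name] = f"ok (mode {flt(member, dest_path).mode:o})"
            except UnsafeMember as exc:
                verdicts[member.name] = f"rejected: {exc.reason}"
    return verdicts


def build_sample_archive():
    """Constructed in-memory archive mixing benign and hostile members."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        def add(name, **attrs):
            info = tarfile.TarInfo(name)
            for key, value in attrs.items():
                setattr(info, key, value)
            tf.addfile(info, io.BytesIO(b"x" * info.size) if info.size else None)
        add("data/ok.txt", size=6)                                    # benign file
        add("data/link_in", type=tarfile.SYMTYPE, linkname="ok.txt")  # stays inside
        add("data/link_out", type=tarfile.SYMTYPE, linkname="../../outside.txt")
        add("data/../../escaped.txt")                                 # traversal in the name
        add("/abs.txt")                                               # absolute name
        add("data/link_in/evil.txt")                                  # lands through a symlink
        add("data/suid_bin", mode=0o4755)                             # setuid bit gets stripped
    return buf.getvalue()


if __name__ == "__main__":
    for name, verdict in audit_archive(build_sample_archive()).items():
        print(f"{name:26} {verdict}")
```

audit_archive() is a dry run for inspecting an untrusted archive before anything is written; for real extraction on Python 3.12+ (or a release that backports filter=) pass an instance to extractall(dest, filter=SafeFilter()), where the first rejected member raises and, with the default errorlevel, aborts the whole extraction instead of silently skipping the member. The filter is deliberately stricter than the standard ones (a regular file placed below an in-archive symlinked directory is refused outright) and complements the upgrade in the first bullet rather than replacing it.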

Generated by OpenCVE AI on April 22, 2026 at 11:29 UTC.


Advisories
Source | ID | Title
EUVD | EUVD-2025-16724 | Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. (The EUVD entry carries the full advisory text, identical to the description above.)
Ubuntu USN | USN-7583-1 | Python vulnerabilities
History

Wed, 09 Jul 2025 02:30:00 +0000
  CPEs: cpe:/a:redhat:rhel_e4s:8.8, cpe:/a:redhat:rhel_eus_long_life:8.8, cpe:/a:redhat:rhel_tus:8.8

Tue, 08 Jul 2025 02:45:00 +0000
  First Time appeared: Redhat rhel Aus, Redhat rhel E4s, Redhat rhel Eus Long Life, Redhat rhel Tus
  CPEs: cpe:/a:redhat:rhel_aus:8.6, cpe:/a:redhat:rhel_e4s:8.6, cpe:/a:redhat:rhel_eus_long_life:8.6, cpe:/a:redhat:rhel_tus:8.6
  Vendors & Products: Redhat rhel Aus, Redhat rhel E4s, Redhat rhel Eus Long Life, Redhat rhel Tus

Wed, 02 Jul 2025 14:45:00 +0000
  CPEs: cpe:/a:redhat:enterprise_linux:9, cpe:/o:redhat:enterprise_linux:10.0, cpe:/o:redhat:enterprise_linux:8, cpe:/o:redhat:enterprise_linux:9

Wed, 02 Jul 2025 02:30:00 +0000
  First Time appeared: Redhat enterprise Linux
  CPEs: cpe:/a:redhat:enterprise_linux:8
  Vendors & Products: Redhat enterprise Linux

Tue, 01 Jul 2025 02:30:00 +0000
  First Time appeared: Redhat, Redhat rhel Eus
  CPEs: cpe:/a:redhat:rhel_eus:9.4
  Vendors & Products: Redhat, Redhat rhel Eus

Thu, 19 Jun 2025 06:45:00 +0000
  References

Mon, 16 Jun 2025 15:15:00 +0000
  References
  Metrics: threat_severity changed from None (value removed) to Important (value added)

Thu, 05 Jun 2025 14:15:00 +0000
  Description: the sentence "Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature." was removed; the rest of the description text is unchanged and matches the current description above.

Tue, 03 Jun 2025 21:00:00 +0000

Tue, 03 Jun 2025 15:30:00 +0000

Tue, 03 Jun 2025 15:00:00 +0000

Tue, 03 Jun 2025 14:15:00 +0000
  Metrics: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 03 Jun 2025 13:45:00 +0000
  References

Tue, 03 Jun 2025 13:30:00 +0000

Tue, 03 Jun 2025 13:15:00 +0000
  Description: the original advisory text, identical to the current description above plus the sentence "Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature."
  Title: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
  Weaknesses: CWE-22
  References
  Metrics: cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Subscriptions

Redhat: Enterprise Linux, Rhel Aus, Rhel E4s, Rhel Eus, Rhel Eus Long Life, Rhel Tus
MITRE
  Status: PUBLISHED
  Assigner: PSF
  Published:
  Updated: 2026-04-21T20:16:04.883Z
  Reserved: 2025-04-30T13:35:55.675Z
  Link: CVE-2025-4138

Vulnrichment
  Updated: 2025-06-03T13:29:26.403Z

NVD
  Status: Deferred
  Published: 2025-06-03T13:15:20.377
  Modified: 2026-04-15T00:35:42.020
  Link: CVE-2025-4138

Redhat
  Severity: Important
  Public Date: 2025-06-03T12:59:02Z
  Links: CVE-2025-4138 - Bugzilla

OpenCVE Enrichment
  Updated: 2026-04-22T11:30:15Z

Weaknesses