Description
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata.

You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information.

Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to "data", so if you are relying on this new default behavior then your usage is also affected.

Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives, as source distributions already allow arbitrary code execution during the build process. However, when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
Published: 2025-06-03
Score: 7.5 High
EPSS: 1.0% Low
KEV: No
Impact: Local arbitrary file write
Action: Apply patch
AI Analysis

Impact

The vulnerability allows the tarfile extraction filter to be ignored. An attacker can create a tar archive that contains symbolic links pointing outside the intended extraction directory. When the archive is extracted with TarFile.extractall() or extract() and the filter parameter is set to "data" or "tar", the library will follow those links and write files at the target locations, modifying or creating arbitrary files and metadata. This is a CWE-22 (path traversal) weakness: it allows arbitrary file writes on the local system and potentially elevated privileges.

Affected Systems

The issue exists in the CPython implementation distributed by the Python Software Foundation. It affects systems running CPython versions that predate the fix, including those bundled with Red Hat Enterprise Linux 8 and 9, RHEL AUS, RHEL E4S, RHEL EUS, RHEL TUS, and RHEL 10 derivatives, as enumerated by the provided CPE strings.

Risk and Exploitability

The CVSS score of 7.5 indicates a high impact potential when the flaw is exercised. The EPSS score of 1% indicates that exploitation is not yet widespread but remains feasible. The vulnerability is not listed in the CISA KEV catalog, so no large-scale exploitation in the wild is known. An attacker requires local code execution to supply a crafted tar archive; once it is extracted, the attacker can overwrite files outside the designated extraction directory, leading to data corruption or privilege escalation if privileged processes extract the archive.

Generated by OpenCVE AI on April 22, 2026 at 11:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade CPython to a patched release that disables the extraction filter bypass (e.g., move to the latest 3.14 or later version that contains the fix).
  • If an immediate upgrade is not possible, avoid extracting untrusted tar archives with TarFile.extractall() or extract() using the filter values "data" or "tar"; perform such operations in a sandboxed or isolated environment.
  • As a temporary mitigation, validate all extracted file paths before extraction or use a custom extraction routine that enforces that symlink targets remain within the intended destination directory.

Advisories
Source: EUVD, ID: EUVD-2025-16737, Title: Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. (The EUVD entry carries the full CVE description given above.)
Source: Ubuntu USN, ID: USN-7583-1, Title: Python vulnerabilities
History

Wed, 09 Jul 2025 02:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_e4s:8.8
cpe:/a:redhat:rhel_eus_long_life:8.8
cpe:/a:redhat:rhel_tus:8.8

Tue, 08 Jul 2025 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Eus Long Life
Redhat rhel Tus
CPEs cpe:/a:redhat:rhel_aus:8.6
cpe:/a:redhat:rhel_e4s:8.6
cpe:/a:redhat:rhel_eus_long_life:8.6
cpe:/a:redhat:rhel_tus:8.6
Vendors & Products Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Eus Long Life
Redhat rhel Tus

Wed, 02 Jul 2025 14:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:10.0
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9

Wed, 02 Jul 2025 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:8
Vendors & Products Redhat enterprise Linux

Tue, 01 Jul 2025 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat rhel Eus
CPEs cpe:/a:redhat:rhel_eus:9.4
Vendors & Products Redhat
Redhat rhel Eus

Fri, 20 Jun 2025 06:45:00 +0000

Type Values Removed Values Added
References

Fri, 06 Jun 2025 19:00:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity (Values Removed): None
Metrics threat_severity (Values Added): Moderate

Thu, 05 Jun 2025 14:15:00 +0000

Type Values Removed Values Added
Description (Values Removed): the earlier description, identical to the added text below except that it also stated "Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature."
Description (Values Added): Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.

Tue, 03 Jun 2025 21:00:00 +0000


Tue, 03 Jun 2025 15:30:00 +0000


Tue, 03 Jun 2025 15:00:00 +0000


Tue, 03 Jun 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 03 Jun 2025 13:45:00 +0000

Type Values Removed Values Added
References

Tue, 03 Jun 2025 13:30:00 +0000


Tue, 03 Jun 2025 13:15:00 +0000

Type Values Removed Values Added
Description Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
Title Extraction filter bypass for linking outside extraction directory
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: PSF

Published:

Updated: 2026-04-21T20:16:19.312Z

Reserved: 2025-05-05T15:05:14.302Z

Link: CVE-2025-4330

Vulnrichment

Updated: 2025-06-03T13:27:35.924Z

NVD

Status : Deferred

Published: 2025-06-03T13:15:20.503

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-4330

Redhat

Severity : Moderate

Public Date: 2025-06-03T12:58:57Z

Links: CVE-2025-4330 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-22T11:30:15Z

Weaknesses