Description
Poetry is a dependency manager for Python. Prior to 2.3.4, the extractall() function in src/poetry/utils/helpers.py:410-426 extracts sdist tarballs without path traversal protection on Python versions where tarfile.data_filter is unavailable. Considering only Python versions which are still supported by Poetry, these are 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4. This vulnerability is fixed in 2.3.4.
Published: 2026-04-24
Score: 0.6 Low
EPSS: < 1% Very Low
KEV: No
Impact: Path Traversal
Action: Patch
AI Analysis

Impact

The vulnerability occurs when Poetry's extractall() helper unpacks source distribution (sdist) tarballs on Python versions where the tarfile.data_filter API (PEP 706) is unavailable, so no path traversal protection is applied. A crafted sdist can carry member names such as ../../target that extractall() writes outside the intended build directory, allowing an attacker who can supply an sdist that Poetry will build to create or overwrite any file the Poetry user can write, such as configuration files or executables. This is a classic path traversal flaw (CWE-22); the damaging effect follows from the ability to write arbitrary files.

Affected Systems

Poetry releases earlier than 2.3.4 that run on Python 3.10.0 through 3.10.12 or Python 3.11.0 through 3.11.4 are affected. Poetry 2.3.4 and later contain the patch. Poetry running on a Python release that provides tarfile.data_filter (3.12 or later, or a 3.10/3.11 patch release after the affected ranges) is not impacted, nor are Poetry releases 2.3.4 and newer on any interpreter.

Risk and Exploitability

The CVSS 4.0 score assigned by GitHub is 0.6 (Low), although Red Hat rates the issue Important with a CVSS 3.1 score of 8.7; the EPSS score is below 1 %, and the vulnerability is not listed in CISA's KEV catalog. Both CVSS vectors record a network attack vector (AV:N) with user interaction: exploitation requires that a user run Poetry on a vulnerable interpreter against a crafted sdist, for example one published to a package index or referenced as a URL dependency, and the files an attacker can write are limited to those the invoking user can write. While the probability of widespread exploitation is low and the potential impact is confined to that user's environment, the low score does not diminish the need to apply the fix promptly.

Generated by OpenCVE AI on April 28, 2026 at 13:39 UTC.

Remediation

Fixed in Poetry 2.3.4 (see GHSA-73h3-mf4w-8647). No separate workaround is provided by the vendor.

OpenCVE Recommended Actions

  • Upgrade Poetry to version 2.3.4 or newer.
  • If an upgrade cannot be performed immediately, run Poetry in an environment that limits write permissions so that extracted files cannot overwrite critical system or project files.
  • Use a Python interpreter that provides tarfile.data_filter (Python 3.12 or later, or a 3.10/3.11 patch release after the affected ranges) if the project permits. Python 3.9 is not a safe alternative: current Poetry releases no longer support it, and its early patch releases also predate the backport of the extraction filters.
  • Avoid installing packages from untrusted sources while operating under the vulnerable Python versions.
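The following Python is an added example illustrating the Impact section and the mitigation list above; it is not Poetry's code and not the 2.3.4 fix. It places the unfiltered extractall() pattern beside an extractor that delegates to the standard library's tarfile.data_filter (PEP 706) when the interpreter has it and otherwise applies an equivalent manual check of each member's resolved path and link target. The tarball, its member names, and the helper names (build_tarball, extract_safe, UnsafeArchive, demo) are constructed for this example.

```python
"""Added example: unsafe extractall() beside a hardened extractor that works
with and without tarfile.data_filter (PEP 706). Not Poetry's code."""
import io
import os
import tarfile
import tempfile


class UnsafeArchive(ValueError):
    """Raised when a member would be written or linked outside the destination."""


# Constructed sample members, not a real sdist: one benign file plus one whose
# name climbs two levels above the extraction directory.
TRAVERSAL_MEMBERS = (
    ("pkg-1.0/setup.py", b"# benign\n"),
    ("../../evil.txt", b"owned\n"),
)


def build_tarball(members) -> bytes:
    """Build a gzip tarball in memory from (name, data) pairs. addfile() does not
    sanitize names, so a hostile name such as '../../evil.txt' is stored as-is."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in members:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def extract_unsafe(archive: bytes, dest: str) -> None:
    """The vulnerable shape: extractall() with no filter. Where data_filter is
    unavailable, member names are honoured verbatim, including '../' segments.
    (On 3.12/3.13 this only warns; on 3.14 the 'data' filter is the default.)"""
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
        tar.extractall(dest)


def _member_is_safe(member: tarfile.TarInfo, dest: str) -> bool:
    """Manual stand-in for the path checks of the 'data' filter: the resolved
    member path, and for links the resolved link target, must stay under dest."""
    dest_real = os.path.realpath(dest)

    def inside(path: str) -> bool:
        return os.path.commonpath([dest_real, os.path.realpath(path)]) == dest_real

    if member.isdev():  # device nodes and FIFOs have no place in an sdist
        return False
    # os.path.join discards dest_real when member.name is absolute, so an
    # absolute name fails the inside() check as well.
    target = os.path.join(dest_real, member.name)
    if not inside(target):
        return False
    if member.issym():  # symlink target is relative to the link's own directory
        return inside(os.path.join(os.path.dirname(target), member.linkname))
    if member.islnk():  # hard link target is relative to the archive root
        return inside(os.path.join(dest_real, member.linkname))
    return True


def name_is_safe(name: str, dest: str) -> bool:
    """Convenience wrapper: check a bare member name as a regular file."""
    return _member_is_safe(tarfile.TarInfo(name), dest)


def extract_safe(archive: bytes, dest: str) -> list[str]:
    """Extract one member at a time so the checks see links already on disk.
    Raises UnsafeArchive on the first hostile member; callers should extract
    into a scratch directory and discard it in that case."""
    extracted = []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
        for member in tar.getmembers():
            if hasattr(tarfile, "data_filter"):
                try:
                    tar.extract(member, dest, filter="data")
                except tarfile.FilterError as exc:
                    raise UnsafeArchive(str(exc)) from exc
            else:  # interpreters without the PEP 706 backport
                if not _member_is_safe(member, dest):
                    raise UnsafeArchive(f"refusing {member.name!r}: escapes {dest}")
                tar.extract(member, dest)
            extracted.append(member.name)
    return extracted


def demo() -> dict:
    """Run the hardened extractor against the constructed tarballs inside a
    scratch tree and report what landed on disk."""
    with tempfile.TemporaryDirectory() as root:
        dest = os.path.join(root, "build", "pkg")  # '../../' would land in root
        os.makedirs(dest)
        try:
            extract_safe(build_tarball(TRAVERSAL_MEMBERS), dest)
            refused = False
        except UnsafeArchive:
            refused = True
        clean_dest = os.path.join(root, "clean")
        benign_names = extract_safe(build_tarball(TRAVERSAL_MEMBERS[:1]), clean_dest)
        return {
            "refused": refused,
            "escaped": os.path.exists(os.path.join(root, "evil.txt")),
            "benign_extracted": os.path.exists(os.path.join(dest, "pkg-1.0", "setup.py")),
            "benign_names": benign_names,
        }


if __name__ == "__main__":
    print(demo())
```

On an interpreter with the backport, the hostile member is rejected by the standard 'data' filter; on one without it, the manual check rejects it. Either way the benign member is extracted and nothing is written above the destination.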



Advisories

Source: GitHub GHSA
ID: GHSA-73h3-mf4w-8647
Title: Poetry has Path Traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4
History

Mon, 27 Apr 2026 19:00:00 +0000

  First Time appeared (values added): Python-poetry; Python-poetry poetry
  Vendors & Products (values added): Python-poetry; Python-poetry poetry

Sun, 26 Apr 2026 00:15:00 +0000

  References: changed
  Metrics (values removed): threat_severity: None
  Metrics (values added):
    cvssV3_1: {'score': 8.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H'}
    threat_severity: Important

Sat, 25 Apr 2026 12:15:00 +0000

  Metrics (values added):
    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 24 Apr 2026 17:30:00 +0000

  Description (values added): as in the Description section above
  Title (values added): Poetry: Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4
  Weaknesses (values added): CWE-22
  References: added
  Metrics (values added):
    cvssV4_0: {'score': 0.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-24T18:03:02.013Z

Reserved: 2026-04-17T12:59:15.738Z

Link: CVE-2026-41140

Vulnrichment

Updated: 2026-04-24T18:02:58.110Z

NVD

Status : Deferred

Published: 2026-04-24T18:16:28.613

Modified: 2026-04-27T18:53:00.053

Link: CVE-2026-41140

Red Hat

Severity : Important

Public Date: 2026-04-24T17:10:33Z

Links: CVE-2026-41140 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-28T13:45:06Z

Weaknesses