Impact
The CVE documents a bypass of the tarfile.data_filter mechanism, allowing crafted tar archives that include specially formed link entries—such as symlinks with empty or directory-like names—to redirect subsequent archive members outside the specified extraction directory. When extractall() is called, these redirected members can be written to any location the extracting process can access, resulting in an arbitrary file write that may expose or overwrite critical system files.
Affected Systems
The flaw is present in the CPython implementation of the tarfile module supplied by the Python Software Foundation. Any CPython release that has not yet been updated to include the patch referenced in the Python issue tracker is vulnerable. Specific version numbers are not listed, so all affected releases should be treated as at risk until an official fix is applied.
Risk and Exploitability
The CVSS score of 6.9 indicates moderate severity; no EPSS score is available, so the exact likelihood of exploitation is uncertain. The vulnerability is not listed in CISA’s KEV catalog. An attacker exploits it by delivering a malicious tar archive to a process that extracts it with tarfile. If that process runs with elevated privileges, e.g. as root or as a user able to write system files, it can create or overwrite arbitrary files outside the intended extraction tree. The attack requires control over the archive contents but otherwise has no prerequisites beyond the target calling tarfile.extractall() on the archive.
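Because the flaw is that data_filter can be talked out of rejecting a link entry, a process that must extract untrusted archives on an unpatched release should not rely on the filter alone. The following is an added example, not code from OpenCVE or from CPython, of an independent pre-extraction audit: it walks the member list in archive order, records every link member, and flags any later member whose path passes through one of those links to a location outside the extraction root, as well as links with absolute or parent-traversing targets and links with empty or root-like names. The function names (find_escaping_members, audit_bytes, build_archive) and the two in-memory archives are constructed for this illustration; the suspicious archive uses the generic "symlink to the parent directory, then a file under it" pattern rather than the specific entry shape the CVE describes.

```python
import io
import posixpath
import tarfile


def _norm(path: str) -> str:
    """Collapse '.', '..' and duplicate separators; an empty name becomes '.'."""
    return posixpath.normpath(path)


def _leaves_root(path: str) -> bool:
    """True if a normalized archive-relative path points above or outside the root."""
    return path.startswith("/") or path == ".." or path.startswith("../")


def _resolve_through_links(name: str, links: dict, max_hops: int = 32):
    """Rewrite NAME by substituting any prefix that an earlier member declared as a
    link (longest prefix first). Returns None when the chain never settles (link loop)."""
    for _ in range(max_hops):
        parts = name.split("/")
        for i in range(len(parts), 0, -1):
            prefix = "/".join(parts[:i])
            if prefix in links:
                name = _norm("/".join([links[prefix]] + parts[i:]))
                break
        else:
            return name
    return None


def find_escaping_members(tar: tarfile.TarFile) -> list:
    """Pre-extraction audit: return (member name, reason) for every member that could
    land outside the extraction root, taking earlier link members into account.
    An empty list means nothing was flagged."""
    links = {}      # normalized link path -> normalized target, in archive order
    findings = []
    for m in tar.getmembers():
        name = _norm(m.name)
        if _leaves_root(name):
            findings.append((m.name, "absolute or parent-traversing path"))
            continue
        resolved = _resolve_through_links(name, links)
        if resolved is None or _leaves_root(resolved):
            findings.append((m.name, "path resolves through a link to outside the root"))
            continue
        if m.issym() or m.islnk():
            if name == ".":
                findings.append((m.name, "link with empty or root-like name"))
            if m.issym():
                # symlink targets are relative to the link's own directory
                target = m.linkname if posixpath.isabs(m.linkname) else _norm(
                    posixpath.join(posixpath.dirname(name), m.linkname))
            else:
                # hard links name another archive member, relative to the root
                target = _norm(m.linkname)
            if _leaves_root(target):
                findings.append((m.name, "link target leaves the root"))
            # record even a flagged link so later members routed through it are flagged too
            links[name] = target
    return findings


def audit_bytes(data: bytes) -> list:
    """Run the audit over an in-memory archive; call before any extractall()."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r") as tf:
        return find_escaping_members(tf)


def build_archive(entries) -> bytes:
    """Constructed sample input: entries are (name, kind, payload) with kind in
    {'file', 'dir', 'symlink'}; payload is file content or the symlink target."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name, kind, payload in entries:
            ti = tarfile.TarInfo(name)
            if kind == "file":
                data = payload.encode()
                ti.size = len(data)
                tf.addfile(ti, io.BytesIO(data))
            elif kind == "dir":
                ti.type = tarfile.DIRTYPE
                tf.addfile(ti)
            elif kind == "symlink":
                ti.type = tarfile.SYMTYPE
                ti.linkname = payload
                tf.addfile(ti)
    return buf.getvalue()


# Constructed archives: a benign package with an in-tree symlink, and one whose
# link points at the parent directory with a file routed through it.
BENIGN = build_archive([("pkg", "dir", None), ("pkg/README", "file", "hello"),
                        ("pkg/latest", "symlink", "README")])
SUSPICIOUS = build_archive([("escape", "symlink", ".."), ("escape/owned.txt", "file", "x")])

if __name__ == "__main__":
    print("benign:", audit_bytes(BENIGN))          # []
    print("suspicious:", audit_bytes(SUSPICIOUS))  # two findings, both rejected
```

The audit is deliberately stricter than tarfile's own filter: it refuses an archive outright when any finding appears instead of silently skipping the member, and it resolves link chains itself rather than trusting the filesystem state at extraction time. On a patched release it is still a cheap defence-in-depth check in front of extractall(filter="data").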
OpenCVE Enrichment