CVE-2025-4138: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Python Software Foundation CPython
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
AI Analysis
Technical Summary
This vulnerability in CPython's tarfile module (CVE-2025-4138) involves improper limitation of pathnames (CWE-22) during extraction of tar archives. Specifically, when using the extraction filters "data" or "tar" with TarFile.extractall() or TarFile.extract(), the filter can be ignored, allowing symlink targets to escape the destination directory. This can lead to unauthorized file system modifications outside the intended extraction path. The issue affects Python versions from 0 through 3.14.0a1, with the default filter changing to "data" in Python 3.14, thus broadening the impact. No known exploits are reported in the wild as of the publication date.
Potential Impact
An attacker providing a crafted tar archive can cause symlink targets to point outside the extraction directory, potentially modifying files or metadata outside the intended scope. This can lead to unauthorized file system changes. The vulnerability has a CVSS score of 7.5 (high severity), reflecting network attack vector, low complexity, no privileges required, no user interaction, and high confidentiality impact. It does not affect the installation of source distributions significantly since those already allow arbitrary code execution during build.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, avoid extracting untrusted tar archives using TarFile.extractall() or TarFile.extract() with the filter parameter set to "data" or "tar". Exercise caution when installing source distributions containing suspicious symbolic links. Monitor the Python Software Foundation advisories for updates and apply official patches once released.
CVE-2025-4138: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Python Software Foundation CPython
Description
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in CPython's tarfile module (CVE-2025-4138) involves improper limitation of pathnames (CWE-22) during extraction of tar archives. Specifically, when using the extraction filters "data" or "tar" with TarFile.extractall() or TarFile.extract(), the filter can be ignored, allowing symlink targets to escape the destination directory. This can lead to unauthorized file system modifications outside the intended extraction path. The issue affects Python versions from 0 through 3.14.0a1, with the default filter changing to "data" in Python 3.14, thus broadening the impact. No known exploits are reported in the wild as of the publication date.
Potential Impact
An attacker providing a crafted tar archive can cause symlink targets to point outside the extraction directory, potentially modifying files or metadata outside the intended scope. This can lead to unauthorized file system changes. The vulnerability has a CVSS score of 7.5 (high severity), reflecting network attack vector, low complexity, no privileges required, no user interaction, and high confidentiality impact. It does not affect the installation of source distributions significantly since those already allow arbitrary code execution during build.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, avoid extracting untrusted tar archives using TarFile.extractall() or TarFile.extract() with the filter parameter set to "data" or "tar". Exercise caution when installing source distributions containing suspicious symbolic links. Monitor the Python Software Foundation advisories for updates and apply official patches once released.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- PSF
- Date Reserved
- 2025-04-30T13:35:55.675Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 683ef89a182aa0cae27cb26f
Added to database: 6/3/2025, 1:28:58 PM
Last enriched: 4/22/2026, 5:42:13 AM
Last updated: 5/10/2026, 3:51:53 AM
Views: 97
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.