CVE-2025-4330: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Python Software Foundation CPython
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
AI Analysis
Technical Summary
This vulnerability (CVE-2025-4330) in the Python Software Foundation's CPython tarfile module involves improper limitation of a pathname to a restricted directory (CWE-22). Specifically, when extracting tar archives using TarFile.extractall() or TarFile.extract() with the filter parameter set to "data" or "tar", the extraction filter can be ignored. This allows symlink targets within the archive to point outside the intended destination directory, potentially modifying file metadata outside the extraction scope. The issue affects Python versions from 0 up to 3.14.0a1, with the default filter value changing to "data" in Python 3.14, thus broadening the impact. The vulnerability is rated high severity with a CVSS score of 7.5, reflecting network attack vector, low attack complexity, no privileges required, no user interaction, and an integrity impact. No patch or official fix information is provided in the data, and no known exploits are reported.
Potential Impact
The vulnerability allows an attacker to bypass the extraction filter in the tarfile module, enabling symlink targets in tar archives to point outside the intended extraction directory. This can lead to unauthorized modification of file metadata outside the extraction path, impacting system integrity. There is no reported impact on confidentiality or availability. The vulnerability is exploitable remotely without privileges or user interaction, increasing risk. However, source distributions are less affected due to existing arbitrary code execution risks during build processes.
Mitigation Recommendations
Patch status is not yet confirmed — check the Python Software Foundation advisory for current remediation guidance. Until an official fix is available, avoid extracting untrusted tar archives using TarFile.extractall() or TarFile.extract() with the filter parameter set to "data" or "tar". Exercise caution when handling source distributions with suspicious symbolic links. Monitor the official Python tarfile documentation and security advisories for updates on patches or mitigations.
CVE-2025-4330: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Python Software Foundation CPython
Description
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2025-4330) in the Python Software Foundation's CPython tarfile module involves improper limitation of a pathname to a restricted directory (CWE-22). Specifically, when extracting tar archives using TarFile.extractall() or TarFile.extract() with the filter parameter set to "data" or "tar", the extraction filter can be ignored. This allows symlink targets within the archive to point outside the intended destination directory, potentially modifying file metadata outside the extraction scope. The issue affects Python versions from 0 up to 3.14.0a1, with the default filter value changing to "data" in Python 3.14, thus broadening the impact. The vulnerability is rated high severity with a CVSS score of 7.5, reflecting network attack vector, low attack complexity, no privileges required, no user interaction, and an integrity impact. No patch or official fix information is provided in the data, and no known exploits are reported.
Potential Impact
The vulnerability allows an attacker to bypass the extraction filter in the tarfile module, enabling symlink targets in tar archives to point outside the intended extraction directory. This can lead to unauthorized modification of file metadata outside the extraction path, impacting system integrity. There is no reported impact on confidentiality or availability. The vulnerability is exploitable remotely without privileges or user interaction, increasing risk. However, source distributions are less affected due to existing arbitrary code execution risks during build processes.
Mitigation Recommendations
Patch status is not yet confirmed — check the Python Software Foundation advisory for current remediation guidance. Until an official fix is available, avoid extracting untrusted tar archives using TarFile.extractall() or TarFile.extract() with the filter parameter set to "data" or "tar". Exercise caution when handling source distributions with suspicious symbolic links. Monitor the official Python tarfile documentation and security advisories for updates on patches or mitigations.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- PSF
- Date Reserved
- 2025-05-05T15:05:14.302Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 683eff8d182aa0cae27db842
Added to database: 6/3/2025, 1:58:37 PM
Last enriched: 4/22/2026, 5:42:18 AM
Last updated: 5/8/2026, 11:49:14 AM
Views: 113
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.