
CVE-2025-59825: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in astral-sh tokio-tar

Medium
Tags: Vulnerability, CVE-2025-59825, cve, cve-2025-59825, cwe-22, cwe-61
Published: Tue Sep 23 2025 (09/23/2025, 20:00:44 UTC)
Source: CVE Database V5
Vendor/Project: astral-sh
Product: tokio-tar

Description

astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory when using the Entry::unpack_in_raw API. Additionally, the Entry::allow_external_symlinks control (which defaults to true) could be bypassed via a pair of symlinks that individually point within the destination but combine to point outside of it. These behaviors could be used individually or combined to bypass the intended security control of limiting extraction to the given directory. This in turn would allow an attacker with a malicious tar archive to perform an arbitrary file write and potentially pivot into code execution. This issue has been patched in version 0.5.4. There is no workaround other than upgrading.

AI-Powered Analysis

Last updated: 10/01/2025, 00:43:56 UTC

Technical Analysis

CVE-2025-59825 is a path traversal vulnerability affecting the astral-sh project's tokio-tar library, a Rust-based asynchronous tar archive reading and writing tool. Versions prior to 0.5.4 of tokio-tar contain a flaw in the Entry::unpack_in_raw API that allows malicious tar archives to extract files outside the intended destination directory. This occurs due to improper limitation of pathnames (CWE-22) and inadequate handling of symbolic links (CWE-61). Specifically, the Entry::allow_external_symlinks control, which is enabled by default, can be bypassed by crafting a pair of symlinks that individually point within the destination directory but, when combined, resolve to locations outside it. This bypass enables an attacker to write arbitrary files anywhere on the filesystem accessible by the process running the extraction. Such arbitrary file writes can lead to privilege escalation or code execution if critical files are overwritten or malicious binaries/scripts are placed in executable paths. The vulnerability requires no user interaction, no privileges, and has low attack complexity, but local access to supply a malicious tar archive is necessary. The issue was patched in version 0.5.4, and no alternative mitigations exist. The CVSS 4.0 base score is 6.1 (medium severity), reflecting high impact on confidentiality, integrity, and availability due to potential arbitrary file writes, but limited attack vector (local) and no authentication required. No known exploits are reported in the wild as of publication.

Potential Impact

For European organizations, this vulnerability poses a significant risk, especially to software projects, CI/CD pipelines, or automated systems that use the vulnerable tokio-tar library for asynchronous tar archive extraction. Attackers could craft malicious tar files that, when processed by vulnerable versions, overwrite critical configuration files, inject malicious code, or place backdoors, potentially leading to system compromise or lateral movement within networks. Industries relying heavily on Rust-based tooling or custom software development, such as finance, manufacturing, and technology sectors, may be particularly exposed. Given the asynchronous nature of tokio-tar, this vulnerability could be exploited in high-throughput environments, amplifying damage. The lack of required privileges or user interaction means that any automated process handling untrusted tar files is at risk. Additionally, supply chain attacks could leverage this flaw by embedding malicious archives in software distributions. The impact extends to confidentiality (data exposure or tampering), integrity (unauthorized file modification), and availability (disruption via overwriting critical files).

Mitigation Recommendations

The primary and only effective mitigation is to upgrade the tokio-tar library to version 0.5.4 or later, where the vulnerability has been patched. Organizations should audit their codebases and dependencies to identify usage of astral-sh tokio-tar versions below 0.5.4 and update accordingly. For environments where immediate upgrade is not feasible, strict validation and sanitization of tar archives before extraction should be implemented, including rejecting archives containing suspicious symlink chains or path traversal patterns. Running extraction processes with least privilege and within sandboxed or containerized environments can limit the impact of exploitation. Monitoring file system changes during extraction and employing integrity verification mechanisms post-extraction can help detect exploitation attempts. Additionally, organizations should review and harden CI/CD pipelines and automated workflows that handle tar archives to prevent processing untrusted inputs. Finally, maintain awareness of supply chain security to avoid introduction of malicious archives.
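As an added illustration of the pre-extraction validation recommended above (example code written here, not code from the advisory or from the tokio-tar project), the std-only Rust below checks an archive's entry list by resolving every write location and link target through the symlinks the archive itself creates earlier in the stream. That is what catches a pair of links that are each in bounds on their own but escape when combined; a purely lexical check of each target accepts both. The `Entry` type and `sample_archive` are assumptions made for the example; a real checker would fill `Entry` from the archive headers in entry order.

```rust
use std::collections::HashMap;
use std::path::{Component, Path, PathBuf};

pub struct Entry { pub path: String, pub link: Option<String> } // link = Some(target) for symlinks
/// Resolve `p` against the destination root (the empty path) through `links`; None = escapes.
fn resolve(p: &Path, links: &HashMap<PathBuf, PathBuf>, depth: u32) -> Option<PathBuf> {
    if depth > 32 { return None; } // symlink loop
    let mut cur = PathBuf::new();
    for c in p.components() {
        match c {
            Component::Normal(n) => {
                cur.push(n);
                if let Some(t) = links.get(&cur) { // a link the archive created earlier
                    let dir = cur.parent().map(Path::to_path_buf).unwrap_or_default(); // target is relative to it
                    cur = resolve(&dir.join(t), links, depth + 1)?;
                }
            }
            Component::ParentDir => { if !cur.pop() { return None; } } // climbed above the root
            Component::CurDir => {}
            _ => return None, // absolute paths (RootDir / Prefix) are refused
        }
    }
    Some(cur)
}
/// Entries whose write location or link target lands outside the destination, judged
/// against the symlinks the archive creates before that entry (not just lexically).
pub fn escaping_entries(entries: &[Entry]) -> Vec<String> {
    let (mut links, mut bad) = (HashMap::<PathBuf, PathBuf>::new(), Vec::new());
    for e in entries {
        let p = Path::new(&e.path);
        let dir = p.parent().unwrap_or(Path::new(""));
        let Some(name) = p.file_name() else { bad.push(e.path.clone()); continue; };
        match (resolve(dir, &links, 0), &e.link) {
            (Some(d), Some(t)) if resolve(&d.join(t), &links, 0).is_some() => {
                links.insert(d.join(name), PathBuf::from(t)); // remember for later entries
            }
            (Some(_), None) if resolve(p, &links, 0).is_some() => {} // file lands inside
            _ => bad.push(e.path.clone()),
        }
    }
    bad
}
/// Constructed sample (not from the advisory) reproducing the described symlink pair.
pub fn sample_archive() -> Vec<Entry> {
    let e = |p: &str, l: Option<&str>| Entry { path: p.into(), link: l.map(String::from) };
    vec![
        e("sub/foo", Some("..")),     // alone: points at the destination root, inside
        e("bar", Some("sub/foo/..")), // lexically "sub" (inside); through sub/foo: the root's parent
        e("../escape.txt", None),     // plain traversal, the unpack_in_raw case
    ]
}
```

Reject the whole archive when `escaping_entries` returns anything; the check models the archive's own links only, so it complements (rather than replaces) extracting with least privilege into an empty, sandboxed directory.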


Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-09-22T14:34:03.470Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68d336ac712f26b964ce8e56

Added to database: 9/24/2025, 12:09:16 AM

Last enriched: 10/1/2025, 12:43:56 AM

Last updated: 10/7/2025, 1:41:17 PM
