Executive Summary

Informations
Name CVE-2025-4435 First vendor Publication 2025-06-03
Vendor Cve Last vendor Modification 2025-06-03

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

When using a TarFile.errorlevel = 0Â and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0Â in affected versions is that the member would still be extracted and not skipped.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4435

Sources (Detail)

https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d359...
https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad75...
https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9...
https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4...
https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde...
https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb921...
https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b58...
https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4...
https://github.com/python/cpython/issues/135034
https://github.com/python/cpython/pull/135037
https://mail.python.org/archives/list/security-announce@python.org/thread/MAX...
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2025-06-04 00:20:35
  • Multiple Updates
2025-06-03 21:21:18
  • Multiple Updates
2025-06-03 17:20:54
  • First insertion