Back to CVE List

CVE-2025-13462

Vulnerability Description

The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-20
Source
NVD
Vendor
Python Software Foundation
Product
CPython

External References

Discussion (0)

Add Comment

No comments yet. Be the first!