CVE-2025-13462
Vulnerability Description
The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-20
Source
NVD
Vendor
Python Software Foundation
Product
CPython
Discussion (0)
Add Comment
No comments yet. Be the first!