CVE-2026-29509

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

5.4 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N                                    

Vulnerability Description

Patool before 4.0.5 contains a path traversal vulnerability in the safe_extract() function in patoolib/programs/py_tarfile.py when running on Python before 3.12, where the is_within_directory() helper uses os.path.commonprefix() for character-level string comparison instead of path-level comparison, allowing a crafted archive member path to bypass the containment check. Attackers can supply a malicious archive with specially crafted member paths to write arbitrary files.

Vulnerability Details

Published Date

June 26, 2026

Last Modified

June 27, 2026

CWE ID

CWE-22

Source

NVD

Vendor

wummel

Product

patool

External References

https://github.com/wummel/patool/blob/main/doc/changelog.txt
https://github.com/wummel/patool/releases/tag/4.0.5
https://www.vulncheck.com/advisories/patool-path-traversal-via-safe-extract-function

CVE-2026-29509

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment