CVE-2025-4138 | Python CPython up to 3.14.0b1 TarFile.extractall/TarFile.extract path traversal (Issue 135034)

A vulnerability classified as critical was found in Python CPython up to 3.14.0b1. Affected by this vulnerability is the function TarFile.extractall/TarFile.extract. The manipulation leads to path traversal.

This vulnerability is known as CVE-2025-4138. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More