Discovery API Icon
Discovery API
Security Advisory Icon
Security Advisory
Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2007-4559

Published: August 28, 2007Last modified: September 18, 2023

Description

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSpython3Not affected (3.11.5-r0)
Streampython3Not affected (3.11.5-r0)

References

ON THIS PAGE