Логотип exploitDog
bind:CVE-2024-12718
Консоль
Логотип exploitDog

exploitDog

bind:CVE-2024-12718

Количество 18

Количество 18

ubuntu логотип

CVE-2024-12718

2 месяца назад

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distrib...

CVSS3: 5.3
EPSS: Низкий
redhat логотип

CVE-2024-12718

2 месяца назад

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distrib...

CVSS3: 7.6
EPSS: Низкий
nvd логотип

CVE-2024-12718

2 месяца назад

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distribu

CVSS3: 5.3
EPSS: Низкий
debian логотип

CVE-2024-12718

2 месяца назад

Allows modifying some file metadata (e.g. last modified) with filter=" ...

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-2pg8-h2j6-28xm

2 месяца назад

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distr...

CVSS3: 5.3
EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02057-1

около 2 месяцев назад

Security update for python311

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02050-1

около 2 месяцев назад

Security update for python39

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02049-1

около 2 месяцев назад

Security update for python311

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02048-1

около 2 месяцев назад

Security update for python312

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02047-1

около 2 месяцев назад

Security update for python310

EPSS: Низкий
oracle-oval логотип

ELSA-2025-10189

около 1 месяца назад

ELSA-2025-10189: python3.12 security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2025-10148

около 1 месяца назад

ELSA-2025-10148: python3.11 security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2025-10140

около 1 месяца назад

ELSA-2025-10140: python3.12 security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2025-10136

около 1 месяца назад

ELSA-2025-10136: python3.9 security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2025-10128

около 1 месяца назад

ELSA-2025-10128: python3 security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2025-10031

около 1 месяца назад

ELSA-2025-10031: python3.12 security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2025-10026

около 1 месяца назад

ELSA-2025-10026: python3.11 security update (IMPORTANT)

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2025:02074-1

около 1 месяца назад

Security update for python313

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
ubuntu логотип
CVE-2024-12718

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distrib...

CVSS3: 5.3
0%
Низкий
2 месяца назад
redhat логотип
CVE-2024-12718

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distrib...

CVSS3: 7.6
0%
Низкий
2 месяца назад
nvd логотип
CVE-2024-12718

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distribu

CVSS3: 5.3
0%
Низкий
2 месяца назад
debian логотип
CVE-2024-12718

Allows modifying some file metadata (e.g. last modified) with filter=" ...

CVSS3: 5.3
0%
Низкий
2 месяца назад
github логотип
GHSA-2pg8-h2j6-28xm

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter  for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distr...

CVSS3: 5.3
0%
Низкий
2 месяца назад
suse-cvrf логотип
SUSE-SU-2025:02057-1

Security update for python311

около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02050-1

Security update for python39

около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02049-1

Security update for python311

около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02048-1

Security update for python312

около 2 месяцев назад
suse-cvrf логотип
SUSE-SU-2025:02047-1

Security update for python310

около 2 месяцев назад
oracle-oval логотип
ELSA-2025-10189

ELSA-2025-10189: python3.12 security update (IMPORTANT)

около 1 месяца назад
oracle-oval логотип
ELSA-2025-10148

ELSA-2025-10148: python3.11 security update (IMPORTANT)

около 1 месяца назад
oracle-oval логотип
ELSA-2025-10140

ELSA-2025-10140: python3.12 security update (IMPORTANT)

около 1 месяца назад
oracle-oval логотип
ELSA-2025-10136

ELSA-2025-10136: python3.9 security update (IMPORTANT)

около 1 месяца назад
oracle-oval логотип
ELSA-2025-10128

ELSA-2025-10128: python3 security update (IMPORTANT)

около 1 месяца назад
oracle-oval логотип
ELSA-2025-10031

ELSA-2025-10031: python3.12 security update (IMPORTANT)

около 1 месяца назад
oracle-oval логотип
ELSA-2025-10026

ELSA-2025-10026: python3.11 security update (IMPORTANT)

около 1 месяца назад
suse-cvrf логотип
SUSE-SU-2025:02074-1

Security update for python313

около 1 месяца назад

Уязвимостей на страницу