TopVuln

High-risk vulnerability digests

CVE-2007-4559

  • CRITICAL

Exploit for Path Traversal in Python

Details

CVSS v3
9.8
CVSS v2
6.8
NVD published
2007-08-28 01:17:00
EPSS
90.6% probability · 99.6th percentile — 2026-04-17
Affected versions
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
Summary
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Remediation
Not available in our cache.
Exploit info
http://mail.python.org/pipermail/python-dev/2007-August/074292.html


Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.