Low severity3.3NVD Advisory· Published Mar 12, 2026· Updated Jun 11, 2026
CVE-2025-13462
CVE-2025-13462
Description
The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
119(expand)+ 9 more
- (no CPE)
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*range: <3.13.13
- cpe:2.3:a:python:python:3.15.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.15.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.15.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.15.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.15.0:alpha5:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.15.0:alpha6:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.15.0:alpha7:*:*:*:*:*:*
- (no CPE)
- osv-coords109 versionspkg:apk/chainguard/python-3.13pkg:apk/chainguard/python-3.14pkg:apk/wolfi/python-3.13pkg:apk/wolfi/python-3.14pkg:bitnami/pythonpkg:bitnami/python-minpkg:rpm/opensuse/python310-core&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python310&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python310&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python310-documentation&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python311-core&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python311&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python311&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python311-documentation&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python312-core&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python312&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python312&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python312-documentation&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python313-core&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/python313&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/python313&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python313-documentation&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/python313-nogil&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/python313-nogil-nogil-core&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/python314&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python315&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python39-core&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python39&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python39-documentation&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python-base&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python-doc&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/python310-core&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/python310-core&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/python310-core&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/python310-core&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/python310&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/python310&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/python310&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/python310&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP7pkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP7pkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/python311&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/python311-documentation&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/python311-documentation&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/python311-documentation&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/python311-documentation&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/python311-documentation&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/python311-documentation&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/python311-documentation&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/python311-documentation&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/python312-core&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/python312-core&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/python312&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/python312&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/python313-core&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP7pkg:rpm/suse/python313-core&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/python313-core&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/python313-core&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/python313&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP7pkg:rpm/suse/python313&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/python313&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/python313&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/python313-documentation&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/python313-documentation&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/python36-core&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/python36-core&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/python36&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/python36&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/python39-core&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/python39-core&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/python39&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/python39&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/python-doc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/python-doc&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 3.13.13-r0+ 108 more
- (no CPE)range: < 3.13.13-r0
- (no CPE)range: < 3.14.4-r0
- (no CPE)range: < 3.13.13-r0
- (no CPE)range: < 3.14.4-r0
- (no CPE)range: < 3.15.0
- (no CPE)range: < 3.15.0
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.10.20-3.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.11.15-4.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.12.13-150600.3.53.1
- (no CPE)range: < 3.12.13-150600.3.53.1
- (no CPE)range: < 3.12.13-4.1
- (no CPE)range: < 3.12.13-150600.3.53.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.12-3.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.14.3-4.1
- (no CPE)range: < 3.15.0~a7-3.1
- (no CPE)range: < 3.9.25-150300.4.99.1
- (no CPE)range: < 3.9.25-150300.4.99.1
- (no CPE)range: < 3.9.25-150300.4.99.1
- (no CPE)range: < 2.7.18-150000.111.1
- (no CPE)range: < 2.7.18-150000.111.1
- (no CPE)range: < 2.7.18-150000.111.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.10.20-150400.4.107.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.11.15-slfo.1.1_3.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150600.3.53.1
- (no CPE)range: < 3.11.15-slfo.1.1_3.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.11.15-150400.9.85.1
- (no CPE)range: < 3.12.13-150600.3.53.1
- (no CPE)range: < 3.12.13-150600.3.53.1
- (no CPE)range: < 3.12.13-150600.3.53.1
- (no CPE)range: < 3.12.13-150600.3.53.1
- (no CPE)range: < 3.13.13-150700.4.45.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-150700.4.45.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.13.13-160000.1.1
- (no CPE)range: < 3.6.15-108.1
- (no CPE)range: < 3.6.15-108.1
- (no CPE)range: < 3.6.15-108.1
- (no CPE)range: < 3.6.15-108.1
- (no CPE)range: < 3.9.25-150300.4.99.1
- (no CPE)range: < 3.9.25-150300.4.99.1
- (no CPE)range: < 3.9.25-150300.4.99.1
- (no CPE)range: < 3.9.25-150300.4.99.1
- (no CPE)range: < 3.4.10-25.180.1
- (no CPE)range: < 3.4.10-25.180.1
- (no CPE)range: < 3.4.10-25.180.1
- (no CPE)range: < 3.4.10-25.180.1
- (no CPE)range: < 2.7.18-150000.111.1
- (no CPE)range: < 2.7.18-33.74.1
- (no CPE)range: < 2.7.18-33.74.1
- (no CPE)range: < 2.7.18-150000.111.1
- (no CPE)range: < 2.7.18-33.74.1
- (no CPE)range: < 2.7.18-33.74.1
- (no CPE)range: < 2.7.18-33.74.1
- (no CPE)range: < 2.7.18-33.74.1
Patches
Vulnerability mechanics
References
9- github.com/python/cpython/commit/42d754e34c06e57ad6b8e7f92f32af679912d8abnvdPatch
- github.com/python/cpython/commit/72dde1016493c52abe857fc4a7bf6c40138b4114nvdPatch
- github.com/python/cpython/commit/7ad3093d76a748af55bdb1d2e8aad3638163b017nvdPatch
- github.com/python/cpython/commit/9a23b753552afa28e3a2f4d8863572fc66479406nvdPatch
- github.com/python/cpython/commit/ae99fe3a33b43e303a05f012815cef60b611a9c7nvdPatch
- github.com/python/cpython/commit/d10950739a78f54d0718d88fb5a868374603c084nvdPatch
- github.com/python/cpython/pull/143934nvdIssue TrackingPatch
- mail.python.org/archives/list/security-announce@python.org/thread/EOMI5I66ZMKQ2INNFT6T7IAIKUGPZYIE/nvdMailing ListVendor Advisory
- github.com/python/cpython/issues/141707nvdIssue Tracking
News mentions
0No linked articles in our index yet.