VYPR
High severity7.5OSV Advisory· Published Jun 3, 2025· Updated Apr 15, 2026

CVE-2025-4435

CVE-2025-4435

Description

When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

171

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.