What is CVE-2007-4559?

CVE-2007-4559 is a vulnerability in N/a. Published 2007-08-28.

Is CVE-2007-4559 known to be exploited?

23 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-4559

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive…

EPSS: 0.894 (99.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

26623 (third-party-advisory)
ADV-2007-3022 (vdb-entry)
bugzilla.redhat.com/show_bug.cgi
[python-dev] 20070824 tarfile and directory traversal vulnerability (mailing-list)
[python-dev] 20070825 tarfile and directory traversal vulnerability (mailing-list)
GLSA-202309-06 (vendor-advisory)
FEDORA-2024-d1f1084584 (vendor-advisory)
FEDORA-2024-ebb3c95344 (vendor-advisory)
FEDORA-2024-46374d2703 (vendor-advisory)

Frequently asked questions

What is CVE-2007-4559?: CVE-2007-4559 is a vulnerability in N/a. Published 2007-08-28.
Is CVE-2007-4559 known to be exploited?: 23 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.