Table of Contents

Public Date:
263261: CVE-2007-4559 python tarfile module directory traversal

The MITRE CVE dictionary describes this issue as:

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.

Find out more about CVE-2007-4559 from the MITRE CVE dictionary dictionary and NIST NVD.


Red Hat is aware of this issue and is tracking it via the following bug:

The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:

Last Modified

CVE description copyright © 2017, The MITRE Corporation