{"id":"CLSA-2025-1762958654","summary":"python3: Fix of 5 CVEs","details":"- CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4517:\n  fix multiple tarfile extraction filter bypasses (filter=\"tar\"/filter=\"data\")","modified":"2026-06-01T00:33:26.996032270Z","published":"2025-11-12T14:44:18Z","upstream":["CVE-2024-12718","CVE-2025-4138","CVE-2025-4330","CVE-2025-4435","CVE-2025-4517"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/oraclelinux7els/CLSA-2025-1762958654.html"}],"affected":[{"package":{"name":"python3","ecosystem":"TuxCare:OracleLinux:7","purl":"pkg:rpm/tuxcare/python3?distro=oraclelinux-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.8-21.0.5.el7_9.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1762958654.json"}},{"package":{"name":"python3-debug","ecosystem":"TuxCare:OracleLinux:7","purl":"pkg:rpm/tuxcare/python3-debug?distro=oraclelinux-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.8-21.0.5.el7_9.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1762958654.json"}},{"package":{"name":"python3-devel","ecosystem":"TuxCare:OracleLinux:7","purl":"pkg:rpm/tuxcare/python3-devel?distro=oraclelinux-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.8-21.0.5.el7_9.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1762958654.json"}},{"package":{"name":"python3-idle","ecosystem":"TuxCare:OracleLinux:7","purl":"pkg:rpm/tuxcare/python3-idle?distro=oraclelinux-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.8-21.0.5.el7_9.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1762958654.json"}},{"package":{"name":"python3-libs","ecosystem":"TuxCare:OracleLinux:7","purl":"pkg:rpm/tuxcare/python3-libs?distro=oraclelinux-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.8-21.0.5.el7_9.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1762958654.json"}},{"package":{"name":"python3-test","ecosystem":"TuxCare:OracleLinux:7","purl":"pkg:rpm/tuxcare/python3-test?distro=oraclelinux-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.8-21.0.5.el7_9.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1762958654.json"}},{"package":{"name":"python3-tkinter","ecosystem":"TuxCare:OracleLinux:7","purl":"pkg:rpm/tuxcare/python3-tkinter?distro=oraclelinux-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.8-21.0.5.el7_9.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1762958654.json"}}],"schema_version":"1.7.5"}