CVE-2025-13462

ADVISORY - nist

Summary

The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations.

EPSS Score⁠: 0.00033 (0.093)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-20⁠

Improper Input Validation

CWE-434⁠

Unrestricted Upload of File with Dangerous Type

CWE-74⁠

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Impacted images

Advisories

Docker

CREATED

9 days ago

UPDATED

2 days ago

ADVISORY ID

CVE-2025-13462

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

NIST

CREATED

9 days ago

UPDATED

2 days ago

ADVISORY IDCVE-2025-13462⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-20⁠CWE-434⁠CWE-74⁠

CVSS SCORE

2low

Debian

CREATED

6 hours ago

UPDATED

6 hours ago

ADVISORY IDCVE-2025-13462⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

8 days ago

UPDATED

3 days ago

ADVISORY IDCVE-2025-13462⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

7 days ago

UPDATED

1 day ago

ADVISORY ID

BIT-libpython-2025-13462

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2low

Bitnami

CREATED

7 days ago

UPDATED

1 day ago

ADVISORY ID

BIT-python-2025-13462

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2low

Bitnami

CREATED

7 days ago

UPDATED

1 day ago

ADVISORY ID

BIT-python-min-2025-13462

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2low