Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available

June 22, 2025

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available

Privacy & Transparencysecurityonline.info and our partners ask for your consent to use your personal data, and to store and/or access information on your device. This includes using your personal data …

Published Date:
Jun 23, 2025 (1 hour, 58 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-4517

Source: Read More

Previous ArticleWindows Update’s Driver Purge: Smoother Updates, or Hidden Headaches?

Next Article Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign

Highlights

CVE-2025-7139 – SourceCodester Best Salon Management System Cross-Site Scripting

July 7, 2025

CVE ID : CVE-2025-7139

Published : July 7, 2025, 6:15 p.m. | 4 hours, 29 minutes ago

Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /panel/edit-customer-detailed.php of the component Update Customer Details Page. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

AST Explicado: El SUPER PODER de los Devs Avanzados 🚀

Microsoft and LG turn your car into a rolling Xbox thanks to new partnership

If you’ve started to notice Xbox console games showing up on the Xbox PC store, you’re not alone — what’s going on?

CVE-2024-51768 – HPE AutoPass License Server HSQLDB Remote Code Execution Vulnerability

CVE-2025-7139 – SourceCodester Best Salon Management System Cross-Site Scripting

CVE-2024-55466 – ThingsBoard Image Gallery Remote Code Execution

CVE-2025-7803 – Descreekert wx-discuz Cross-Site Scripting Vulnerability

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available

Related Posts