TL;DR
- A critical vulnerability in Python's tarfile module (versions 3.12 and later) allows a crafted archive to modify metadata or permissions on files outside the intended extraction directory.
- The issue occurs when extract() or extractall() is called with filter="data" or filter="tar".
- Risk: privilege escalation, sandbox escape, and forensic evasion.
- Affected: Python 3.12+, with filter="data" being the default in Python 3.14+.
- Fix: upgrade to a patched Python release.
- Runtime visibility tools like Sweet Security can help detect and respond to exploit attempts by reporting unexpected process or shared library activity.
Vulnerability Overview
A critical vulnerability, CVE-2024-12718, has been discovered in Python's tarfile module starting in version 3.12. The issue arises from improper handling of the filter parameter, specifically when it is set to "data" or "tar", during extraction with the extract() or extractall() methods.
This flaw allows an attacker who controls an archive to manipulate file metadata or permissions outside the intended extraction directory:
- With filter="data", an attacker may alter metadata such as file modification times (mtime) on files outside the extraction destination.
- With filter="tar", an attacker may additionally change file permissions on targets outside the tar extraction destination.
Impact and Severity
While this vulnerability does not permit arbitrary code execution by itself, it enables several high-impact attacks:
- Privilege escalation: if the extracting process runs with sufficient privileges, an archive entry that changes permissions on a sensitive target such as /etc/shadow may result in unauthorized access.
- Sandbox escape: changing metadata or permissions on files outside the intended directory breaks the containment assumption that extraction only touches the destination tree.
- Forensic evasion: tampering with file timestamps may be used to obscure when malicious activity took place.
As a result, this flaw has been assigned a CVSS score of 10.0 (Critical).
Affected Versions
Python versions 3.12 and newer are affected, as are the 3.9, 3.10 and 3.11 branches, which received the extraction-filter feature as a backport and therefore also received the fix. The vulnerability specifically impacts use of the tarfile module when extracting archives with filter="data" (the default in Python 3.14+) or filter="tar".
Mitigation Guidance
Immediate steps to mitigate this vulnerability include:
- Upgrade Python to a patched release: 3.9.23, 3.10.18, 3.11.13, 3.12.11 or 3.13.4 (or later).
- Avoid extracting untrusted tar archives, especially in web-facing applications or CI/CD pipelines.
- Use strict filters and validate tar content before extraction if extraction is required.
- On interpreters you cannot patch yet, do not rely on filter="data" or filter="tar" alone; implement a custom filter that rejects link entries outright and verifies where each entry would land.
- Normalize paths and reject entries containing traversal patterns (e.g., ../) or absolute paths.
A mitigation script was published by Seth Michael Larson for verifying tar entries.
How Sweet Keeps You Safe Against CVE-2024-12718
Sweet Security detects loaded and executed vulnerable libraries and packages, meaning Sweet can tell you whether an affected version of Python is running on your systems and whether the tarfile module has been imported.
Even after patching, post-exploitation visibility is crucial. Sweet's runtime approach can detect suspicious behaviors that result from this vulnerability, such as unauthorized file permission changes or unexpected process or library loads, by monitoring execution in real time. This can serve as an effective line of defense in case initial containment is bypassed.