TencentOS Server 3: python3.12 (TSSA-2025:0521)

high Nessus Plugin ID 241463

Synopsis

The remote TencentOS Server 3 host is missing one or more security updates.

Description

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0521 advisory.

Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:

CVE-2024-12718:
Allows modifying some file metadata (e.g. last modified) with filter=dataor file permissions (chmod) with filter=tarof files outside the extraction directory.
You are affected by this vulnerability if using the tarfilemodule to extract untrusted tar archives using TarFile.extractall()or TarFile.extract()using the filter=parameter with a value of dataor tar. See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature.

Note that for Python 3.14 or later the default value of filter=changed from no filtering to data, so if you are relying on this new default behavior then your usage is also affected.

Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.

CVE-2025-4138:
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata.

You are affected by this vulnerability if using the tarfilemodule to extract untrusted tar archives using TarFile.extractall()or TarFile.extract()using the filter=parameter with a value of dataor tar. See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information.

Note that for Python 3.14 or later the default value of filter=changed from no filtering to data, so if you are relying on this new default behavior then your usage is also affected.

Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.

CVE-2025-4330:
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata.

You are affected by this vulnerability if using the tarfilemodule to extract untrusted tar archives using TarFile.extractall()or TarFile.extract()using the filter=parameter with a value of dataor tar. See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information.

Note that for Python 3.14 or later the default value of filter=changed from no filtering to data, so if you are relying on this new default behavior then your usage is also affected.

Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.

CVE-2025-4435:
When using a TarFile.errorlevel = 0and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0in affected versions is that the member would still be extracted and not skipped.

CVE-2025-4517:
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=data.

You are affected by this vulnerability if using the tarfilemodule to extract untrusted tar archives using TarFile.extractall()or TarFile.extract()using the filter=parameter with a value of dataor tar. See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information.

Note that for Python 3.14 or later the default value of filter=changed from no filtering to data, so if you are relying on this new default behavior then your usage is also affected.

Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 241463

File Name: tencentos_TSSA_2025_0521.nasl

Version: 1.1

Type: local

Family: Tencent Local Security Checks

Published: 7/7/2025

Updated: 7/7/2025

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:tencent:tencentos_server:3, p-cpe:/a:tencent:tencentos_server:python3.12

Required KB Items: Host/local_checks_enabled, Host/etc/os-release, Host/TencentOS/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 7/1/2025

Vulnerability Publication Date: 7/1/2025

Detections

Analytics