DevGuard Logo

🛡️ DevGuard
Group
/🧩 DevGuard CI-Components
Repository

Overview
Compliance
Artifacts
Code Risks
Dependency Risks
License Risks
Dependencies

CVE-2025-8194

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module:  https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1

Open
MEDIUM (4.3)
  • logo

    System detected CVE-2025-8194 with a risk of 3.45

    0.8.2
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    0.12.0
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    attest
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    add/artifact-name-input
  • logo

    System

    add/artifact-name-input
  • logo

    System

    add/artifact-name-input
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    0.11.1
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    fix-attest.yaml
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    0.9.0
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    add-first-party-scan-to-gitlap-pipeline
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    feautre/sarif-sbom-upload-components
  • logo

    System detected CVE-2025-8194 with a risk of 3.45

    update-risk-management-default-value
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    revert-c7057e5e
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    chore/adds-additional-env-flags
  • logo

    System detected CVE-2025-8194 with a risk of 3.45

    HEAD
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    examples
  • logo

    System detected CVE-2025-8194 with a risk of 1.72

    add-jobs-tags
  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    add-jobs-tags

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    add/artifact-name-input

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    chore/adds-additional-env-flags

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    0.9.0

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    attest

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    add-first-party-scan-to-gitlap-pipeline

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 3.45 to 4.25

    update-risk-management-default-value

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 3.45 to 4.25

    HEAD

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    revert-c7057e5e

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    0.12.0

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    fix-attest.yaml

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    examples

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    feautre/sarif-sbom-upload-components

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 1.72 to 2.12

    0.11.1

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 3.45 to 4.25

    0.8.2

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • logo

    System updated the risk assessment from 2.12 to 4.25

    add/artifact-name-input

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    0.11.1

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    0.9.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.25 to 2.12

    update-risk-management-default-value

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    revert-c7057e5e

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    chore/adds-additional-env-flags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    add-first-party-scan-to-gitlap-pipeline

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.25 to 2.12

    HEAD

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    add-jobs-tags

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    0.12.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.25 to 2.12

    0.8.2

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    examples

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    fix-attest.yaml

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 2.12 to 4.25

    feautre/sarif-sbom-upload-components

    System recalculated raw risk assessment

  • logo

    System fixed CVE-2025-8194

    add/artifact-name-input
  • logo

    System fixed CVE-2025-8194

    attest
  • logo

    System fixed CVE-2025-8194

    0.11.1
  • logo

    System fixed CVE-2025-8194

    examples
  • logo

    System fixed CVE-2025-8194

    0.9.0
  • logo

    System fixed CVE-2025-8194

    chore/adds-additional-env-flags
  • logo

    System fixed CVE-2025-8194

    revert-c7057e5e
  • logo

    System fixed CVE-2025-8194

    0.12.0
  • logo

    System fixed CVE-2025-8194

    add-jobs-tags
  • logo

    System fixed CVE-2025-8194

    fix-attest.yaml
  • logo

    System fixed CVE-2025-8194

    feautre/sarif-sbom-upload-components
  • logo

    System fixed CVE-2025-8194

    add-first-party-scan-to-gitlap-pipeline
  • logo

    System fixed CVE-2025-8194

    0.8.2
  • logo

    System fixed CVE-2025-8194

    HEAD
  • logo

    System fixed CVE-2025-8194

    update-risk-management-default-value
  • logo

    System fixed CVE-2025-8194

    main
  • logo

    System detected CVE-2025-8194 with a risk of 2.12

    add/artifact-name-input
  • logo

    System updated the risk assessment from 2.12 to 4.25

    update-risk-management-default-value

    System recalculated raw risk assessment

Add a comment

Mark as False Positive
Last calculated at:

Affected component

debian/python3.11

Installed version:
3.11.2-6
Fixed in:
no patch available
Show in dependency graph

Management decisions across the organization

GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 2ab7b793efd72421aea8c3a994ac60202bf1b3a5