kagglehub is vulnerable to Path Traversal
53
Medium Risk
kagglehub downloads model and dataset archives and unpacks them in _extract_archive inside http_resolver.py. For tar archives the library calls extractall without an extraction filter, so member paths and symlinks are not validated against the destination directory. A crafted tar archive served as a Kaggle resource can write files outside the intended extraction directory, allowing arbitrary file overwrite on the downloading host. The fix passes filter="data" to extractall so unsafe tar members are rejected during extraction.
You are affected if you are using a version that falls within the vulnerable range and you download and extract tar-based Kaggle resources.
kagglehub is vulnerable to Path Traversal in versions 0.2.6 - 1.0.1.
Upgrade the kagglehub library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant