Lucene search

K
cvelistOpenEulerCVELIST:CVE-2021-33643
HistoryAug 09, 2022 - 12:00 a.m.

CVE-2021-33643

2022-08-0900:00:00
CWE-125
openEuler
www.cve.org

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.5%

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "libtar",
    "versions": [
      {
        "version": "<1.2.21",
        "status": "affected"
      }
    ]
  }
]