JLSEC-2026-184

🗓️ 24 Apr 2026 13:16:18Reported by GoogleType

osv🔗 osv.dev👁 3 Views

GNU Tar up to 1.34: one-byte out-of-bounds read in from_header for V7 archives with eleven spaces in mtime.

Reporter	Title	Published	Views	Family All 165
IBM Security Bulletins	Security Bulletin: A vulnerability in tar package affects Data Replication on Cloud Pak for Data	7 Nov 202321:10	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2022-48303 may affect IBM CICS TX Advanced 10.1	8 Jun 202318:18	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in GNU Tar may affect IBM Robotic Process Automation for Cloud Pak and result in a buffer overflow (CVE-2022-48303)	1 May 202314:58	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in GNU Tar affects IBM MQ Operator and Queue manager container images (CVE-2022-48303)	30 Mar 202316:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in tar	11 Nov 202516:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js bl modules denial of service vulnerability( CVE-2020-8244) and GNU Tar buffer overflow vulnerability( CVE-2022-48303)	6 Jul 202318:02	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is vulnerable to heap-based buffer overflow (CVE-2022-48303)	28 Jun 202312:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in GNU Tar (CVE-2022-48303)	3 May 202314:11	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insights 1.6.10 addresses multiple security vulnerabilities.	27 Sep 202321:11	–	ibm
IBM Security Bulletins	Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities	26 Mar 202504:04	–	ibm

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
savannah	www.savannah.gnu.org/bugs/
savannah	www.savannah.gnu.org/bugs/
savannah	www.savannah.gnu.org/patch/
savannah	www.savannah.gnu.org/patch/

24 Apr 2026 13:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.15.5

EPSS0.00047

SSVC