8 matches found

EUVD
added 2026/03/20 5:25 p.m., 2 views

EUVD-2026-13596

tar-rs incorrectly ignores PAX size headers if header size is nonzero...

CVSS 8.1 | AI score 7.5 | EPSS 0.00019
Exploits: 2 | References: 4

OSV
added 2026/03/20 7:16 a.m., 2 views

DEBIAN-CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

CVSS 8.1 | AI score 5.4 | EPSS 0.00019
Exploits: 1 | References: 1

CVE
added 2026/03/20 7:11 a.m., 46 views

CVE-2026-33056

The tar-rs Rust library (versions

CVSS 6.5 | AI score 5.9 | EPSS 0.00019
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2026/03/20 7:6 a.m., 21 views

CVE-2026-33055 tar-rs incorrectly ignores PAX size headers if header size is nonzero

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

CVSS 5.1 | EPSS 0.00019
Exploits: 1 | References: 3

UbuntuCve
added 2026/03/20 12:0 a.m., 3 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

CVSS 8.1 | AI score 7 | EPSS 0.00019
Exploits: 1 | References: 4

CNNVD
added 2026/03/20 12:0 a.m., 4 views

tar-rs security vulnerability

tar-rs is a Rust language library for reading and writing tar archive files, developed by Alex Crichton. Versions of tar-rs prior to 0.4.44 contained security vulnerabilities. These vulnerabilities were caused by inconsistent handling of PAX size headers, which could lead to inconsistent...

CVSS 8.1 | AI score 6 | EPSS 0.00019
Exploits: 2 | References: 3

CNNVD
added 2026/03/20 12:0 a.m., 5 views

tar-rs security vulnerability

tar-rs is a Rust library for reading and writing tar archive files, developed by Alex Crichton. Versions of tar-rs prior to 0.4.44 contain security vulnerabilities. These vulnerabilities stem from defects in the unpackdir function, which handles symbolic links. Such defects could lead to arbitrar...

CVSS 6.5 | AI score 5.9 | EPSS 0.00019
Exploits: 1 | References: 3

RustSec
added 2026/03/19 12:0 p.m., 8 views

`unpack_in` can chmod arbitrary directories by following symlinks

In versions 0.4.44 and below of tar-rs, when unpacking a tar archive, the tar crate's `unpack_dir` function uses `fs::metadata` to check whether a path that already exists is a directory. Because `fs::metadata` follows symbolic links, a crafted tarball containing a symlink entry followed by a...

CVSS 6.5 | AI score 5.8 | EPSS 0.00019
Exploits: 1 | Affected Software: 1