12 matches found
CVE-2026-7774
tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...
CVE-2026-7774
tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : tar-fs vulnerabilities (USN-8367-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8367-1 advisory. It was discovered that tar-fs did not properly limit paths when extracting crafted tar files. An attacker could possibly use this iss...
Linux Distros Unpatched Vulnerability : CVE-2026-7774
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outsid...
CVE-2026-31802 node-tar Symlink Path Traversal via Drive-Relative Linkpath
node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar npm can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x...
DEBIAN-CVE-2026-29786
node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...
tar has Hardlink Path Traversal via Drive-Relative Linkpath
Summary tar npm can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Details The extraction logic in UnpackSTRIPABSOLUTEPATH chec...
CVE-2025-59825
astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory when using the Entry::unpackinraw API. Additionally, the Entry::allowexternalsymlinks control which...
Linux Distros Unpatched Vulnerability : CVE-2025-4517
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=data. You are affected by this vulnerability if using the...
DEBIAN-CVE-2025-4517
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...
GHSA-PQ67-2WWV-3XJX tar-fs Vulnerable to Link Following and Path Traversal via Extracting a Crafted tar File
An Improper Link Resolution Before File Access "Link Following" and Improper Limitation of a Pathname to a Restricted Directory "Path Traversal". This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intend...
USN-4937-2 gnome-autoar regression
USN-4937-1 fixed a vulnerability in GNOME Autoar. The update caused a regression when extracting certain archives. This update fixes the problem. Original advisory details: Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into...