Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/04/08 9:1 p.m.5 views

CVE-2026-32288

A flaw was found in Go's archive/tar package. A remote attacker could exploit this vulnerability by providing a maliciously-crafted archive file. When the tar.Reader processes an archive containing a large number of sparse regions in the "old GNU sparse map" format, it can lead to unbounded memor...

5.5CVSS5.8AI score0.0029EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/26 7:35 a.m.10 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.14.63 packages and security update

Red Hat OpenShift Container Platform release 4.14.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/23 2:36 a.m.7 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3CVSS7AI score0.00419EPSS
Exploits0References8
OSV
OSV
added 2026/01/27 12:0 a.m.10 views

ALSA-2026:1377 Moderate: image-builder security update

A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS scor...

4.3CVSS5.6AI score0.00419EPSS
Exploits0References4
OSV
OSV
added 2025/12/22 12:0 a.m.5 views

ALSA-2025:23948 Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score,...

4.3CVSS6.8AI score0.00419EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.10 views

RHEL 9 : grafana (RHSA-2025:23746)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23746 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/tar:...

4.3CVSS7.7AI score0.00419EPSS
Exploits0References5
AlmaLinux
AlmaLinux
added 2025/12/22 12:0 a.m.6 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score,...

4.3CVSS6.9AI score0.00419EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.9 views

RockyLinux 9 : podman (RLSA-2025:23325)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:23325 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

4.3CVSS7.7AI score0.00419EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.7 views

RockyLinux 8 : container-tools:rhel8 (RLSA-2025:23374)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:23374 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

4.3CVSS7.7AI score0.00419EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/12/18 10:17 a.m.6 views

Moderate: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/12/18 10:17 a.m.10 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/12/18 10:8 a.m.11 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/12/02 2:45 p.m.3 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/11/26 3:5 p.m.5 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.15 views

PT-2025-42737

Name of the Vulnerable Software and Affected Versions golang versions 1.15 golang versions 1.19 Description An issue exists in the archive/tar package within golang that involves an unbounded allocation during the parsing of GNU sparse map files. This can lead to excessive memory consumption and...

5CVSS6.7AI score0.00419EPSS
Exploits0
Rows per page
Query Builder