Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.3 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS7.3AI score0.00688EPSS
Exploits2References1
EUVD
EUVD
added 2026/03/20 5:25 p.m.7 views

EUVD-2026-13596

tar-rs incorrectly ignores PAX size headers if header size is nonzero...

8.1CVSS7.5AI score0.00688EPSS
Exploits2References4
OSV
OSV
added 2026/03/20 5:25 p.m.7 views

GHSA-GCHP-Q4R4-X4FF tar-rs incorrectly ignores PAX size headers if header size is nonzero

Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...

8.1CVSS5.7AI score0.00688EPSS
Exploits2References7
Github Security Blog
Github Security Blog
added 2026/03/20 5:25 p.m.14 views

tar-rs incorrectly ignores PAX size headers if header size is nonzero

Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...

8.1CVSS7.4AI score0.00397EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2026/03/20 7:16 a.m.5 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS0.00397EPSS
Exploits1References3
OSV
OSV
added 2026/03/20 7:16 a.m.4 views

DEBIAN-CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS5.4AI score0.00397EPSS
Exploits1References1
OSV
OSV
added 2026/03/20 7:16 a.m.5 views

UBUNTU-CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS7.2AI score0.00688EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2026/03/20 7:6 a.m.3 views

CVE-2026-33055 tar-rs incorrectly ignores PAX size headers if header size is nonzero

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

5.1CVSS7.3AI score0.00397EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 7:6 a.m.8 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS7.3AI score0.00688EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2026/03/20 7:6 a.m.28 views

CVE-2026-33055

CVE-2026-33055 affects the tar-rs crate (Rust tar library) version 0.4.44 and below, where conditional logic incorrectly skipped the PAX size header when the base header size was nonzero. This contrasts with other parsers that use the PAX size override, potentially causing archives to appear diff...

8.1CVSS7.3AI score0.00397EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/20 7:6 a.m.5 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS5.3AI score0.00397EPSS
Exploits1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.9 views

tar-rs 安全漏洞

tar-rs is a Rust language library for reading and writing tar archive files, developed by Alex Crichton. Versions of tar-rs prior to 0.4.44 contained security vulnerabilities. These vulnerabilities were caused by inconsistent handling of PAX size headers, which could lead to inconsistent...

8.1CVSS6AI score0.00688EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.9 views

PT-2026-26570

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS7.3AI score0.00688EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2026/03/20 12:0 a.m.9 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS7AI score0.00397EPSS
Exploits1References4
OSV
OSV
added 2026/03/19 12:0 p.m.5 views

RUSTSEC-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero

Versions 0.4.44 and below of tar-rs have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518astral-cve, the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the...

5.1CVSS5.7AI score0.00397EPSS
Exploits1References2
RustSec
RustSec
added 2026/03/19 12:0 p.m.23 views

tar-rs incorrectly ignores PAX size headers if header size is nonzero

Versions 0.4.44 and below of tar-rs have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518astral-cve, the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the...

8.1CVSS7.4AI score0.00688EPSS
Exploits1Affected Software1
Rows per page
Query Builder