16 matches found
CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
EUVD-2026-13596
tar-rs incorrectly ignores PAX size headers if header size is nonzero...
GHSA-GCHP-Q4R4-X4FF tar-rs incorrectly ignores PAX size headers if header size is nonzero
Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...
tar-rs incorrectly ignores PAX size headers if header size is nonzero
Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...
CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
DEBIAN-CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
UBUNTU-CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
CVE-2026-33055 tar-rs incorrectly ignores PAX size headers if header size is nonzero
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
CVE-2026-33055
CVE-2026-33055 affects the tar-rs crate (Rust tar library) version 0.4.44 and below, where conditional logic incorrectly skipped the PAX size header when the base header size was nonzero. This contrasts with other parsers that use the PAX size override, potentially causing archives to appear diff...
CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
tar-rs 安全漏洞
tar-rs is a Rust language library for reading and writing tar archive files, developed by Alex Crichton. Versions of tar-rs prior to 0.4.44 contained security vulnerabilities. These vulnerabilities were caused by inconsistent handling of PAX size headers, which could lead to inconsistent...
PT-2026-26570
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
RUSTSEC-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero
Versions 0.4.44 and below of tar-rs have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518astral-cve, the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the...
tar-rs incorrectly ignores PAX size headers if header size is nonzero
Versions 0.4.44 and below of tar-rs have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518astral-cve, the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the...