CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Microsoft CVE•added 2024/11/23 8:0 a.m.•2 views

In GNU tar before 1.35 mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.

...

OSV•added 2024/09/27 11:9 a.m.•3 views

OESA-2024-2170 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

7.3CVSS7.5AI score0.01307EPSS

Tenable Nessus•added 2024/05/15 12:0 a.m.•27 views

EulerOS Virtualization 2.11.1 : tar (EulerOS-SA-2024-1623)

According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVE-2023-3980...

Tenable Nessus•added 2024/05/15 12:0 a.m.•9 views

EulerOS Virtualization 2.11.0 : tar (EulerOS-SA-2024-1642)

Tenable Nessus•added 2024/05/11 12:0 a.m.•27 views

RHEL 6 : tar (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - GNU Tar through 1.30, when --sparse is used,...

6.4AI score0.14261EPSS

Exploits5References6

Redos•added 2024/04/25 12:0 a.m.•24 views

ROS-20240425-02

A vulnerability in the GNU Tar archiver is related to improper handling of extension attributes in the PAX archive. Exploitation of the vulnerability could allow an attacker acting remotely to transmit special data to the application and cause a denial of service. special data to the application...

6.2CVSS6.6AI score0.00036EPSS

Tenable Nessus•added 2024/04/19 12:0 a.m.•12 views

EulerOS Virtualization 2.10.1 : tar (EulerOS-SA-2024-1558)

Tenable Nessus•added 2024/04/19 12:0 a.m.•24 views

EulerOS Virtualization 2.10.0 : tar (EulerOS-SA-2024-1539)

OSV•added 2024/03/27 4:15 a.m.•3 views

DEBIAN-CVE-2023-39804

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...

6.2CVSS6.1AI score0.00036EPSS

Exploits0References1

NVD•added 2024/03/27 4:15 a.m.•11 views

CVE-2023-39804

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...

6.2CVSS7.1AI score0.00036EPSS

Exploits0References4

OSV•added 2024/03/27 4:15 a.m.•7 views

CVE-2023-39804

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...

6.2CVSS6.4AI score

Exploits0References4

Cvelist•added 2024/03/27 12:0 a.m.•18 views

CVE-2023-39804

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...

9.4AI score0.00036EPSS

CVE•added 2024/03/27 12:0 a.m.•115 views

CVE-2023-39804

CVE-2023-39804 corresponds to a GNU tar issue where mishandled extension attributes in a PAX archive can crash an application via xheader.c. The connected IBM bulletin maps this CVE to IBM API Connect onPrem v12 (12.1.0.0) and lists remediation by upgrading to v12.1.0.1. The IBM advisory presents...

6.2CVSS9AI score0.00036EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2024/03/27 12:0 a.m.•19 views

CVE-2023-39804

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...

6.5AI score0.00036EPSS

Debian CVE•added 2024/03/27 12:0 a.m.•42 views

CVE-2023-39804

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...

6.2CVSS5.3AI score0.00036EPSS

OSV•added 2024/01/10 8:38 a.m.•5 views

SUSE-SU-2024:0071-1 Security update for tar

This update for tar fixes the following issues: - CVE-2023-39804: Incorrectly handled extension attributes in PAX archives can lead to a crash bsc1217969...

6.2CVSS6.2AI score0.00036EPSS

OSV•added 2024/01/09 5:30 p.m.•4 views

SUSE-SU-2024:0070-2 Security update for tar

This update for tar fixes the following issues: - CVE-2023-39804: Fixed extension attributes in PAX archives incorrect hanling bsc1217969...

6.2CVSS6.3AI score0.00036EPSS