Lucene search
K

62 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/09 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-32288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the old...

5.5CVSS5.5AI score0.0029EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/08 11:25 p.m.9 views

SUSE CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

4.3CVSS5.8AI score0.0029EPSS
Exploits0References10
EUVD
EUVD
added 2026/04/08 3:32 a.m.3 views

EUVD-2026-20016

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.9AI score0.0029EPSS
Exploits0References5
OSV
OSV
added 2026/04/08 2:16 a.m.3 views

DEBIAN-CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.5CVSS5.2AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 2:16 a.m.4 views

CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.5CVSS0.0029EPSS
Exploits0References4
OSV
OSV
added 2026/04/08 2:16 a.m.10 views

UBUNTU-CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.5CVSS5.8AI score0.0029EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/04/08 2:16 a.m.8 views

CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.5CVSS5.9AI score0.0029EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/08 1:6 a.m.2 views

CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.5CVSS5.8AI score0.0029EPSS
Exploits0
CVE
CVE
added 2026/04/08 1:6 a.m.23 views

CVE-2026-32288

CVE-2026-32288 affects Go’s archive/tar parsing of the old GNU sparse map format. A malicious tar with many sparse regions can trigger tar.Reader to allocate unbounded memory, potentially exhausting memory and causing high availability impact. Documented impact metrics show LOCAL attack vector, L...

5.5CVSS5.9AI score0.0029EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/04/08 1:6 a.m.5 views

CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.5CVSS5.2AI score0.0029EPSS
Exploits0
OSV
OSV
added 2026/04/07 10:53 p.m.7 views

GO-2026-4869 Unbounded allocation for old GNU sparse in archive/tar

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.5CVSS5.8AI score0.0029EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/07 11:4 a.m.7 views

Security Bulletin: Unbounded Memory Allocation in Go tar package When Processing Sparse Files, affects watsonx.data

Summary Go tar package's tar.Reader does not limit the number of sparse region blocks in GNU tar pax 1.0 sparse files. Malicious archives with many sparse regions can trigger excessive memory allocation, potentially causing memory exhaustion, even from small compressed inputs. This can affect...

4.3CVSS7AI score0.00419EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.5 views

PT-2026-31065

Name of the Vulnerable Software and Affected Versions tar.Reader affected versions not specified Description tar.Reader can allocate an unbounded amount of memory when processing a specially crafted archive containing numerous sparse regions encoded using the "old GNU sparse map" format. This can...

5.5CVSS5.8AI score0.0029EPSS
Exploits0References462
Fedora
Fedora
added 2026/03/28 12:46 a.m.7 views

[SECURITY] Fedora 43 Update: rust-astral-tokio-tar-0.6.0-1.fc43

A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
Fedora
Fedora
added 2026/03/28 12:46 a.m.8 views

[SECURITY] Fedora 43 Update: rust-tar-0.4.45-1.fc43

A Rust implementation of a TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all at once...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
Fedora
Fedora
added 2026/03/28 12:19 a.m.12 views

[SECURITY] Fedora 44 Update: rust-tar-0.4.45-1.fc44

A Rust implementation of a TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all at once...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
Fedora
Fedora
added 2026/03/28 12:19 a.m.9 views

[SECURITY] Fedora 44 Update: rust-astral-tokio-tar-0.6.0-1.fc44

A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/03/12 9:1 p.m.13 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References8
Rosalinux
Rosalinux
added 2026/02/16 7:14 a.m.63 views

Advisory ROSA-SA-2026-3146

Software: grafana 9.2.10 OS: ROSA Virtualization 3.1 unaffected versions = grafana-9.2.10-27.rv31 affected versions grafana-9.2.10-27.rv31 CVE-ID: CVE-2025-22871 BDU-ID: 2025-04014 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the net/http package of the Go programming language is related to...

10CVSS8.2AI score0.99999EPSS
Exploits29
Redos
Redos
added 2026/02/09 12:0 a.m.10 views

ROS-20260209-73-0030

A vulnerability in the tar.Reader component of the Go programming language is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

4.3CVSS5.6AI score0.00419EPSS
Exploits0
Rows per page
Query Builder