CLSA-2025-1761744879 Fix CVE(s): CVE-2019-9923

SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2019-9923.patch: fix a NULL pointer dereference when parsing certain archives that have malformed extended headers in paxdecodeheader in sparse.c - CVE-2019-9923...

EUVD-2025-35214

uv has differential in tar extraction with PAX headers...

HashiCorp Nomad 安全漏洞

HashiCorp Nomad is a simple and flexible scheduler and orchestrator from the US-based HashiCorp Inc. for managing containerized and non-containerized applications at scale, both locally and in the cloud. A security vulnerability exists in HashiCorp Nomad that stems from the vulnerability of the...

UBUNTU-CVE-2022-2879

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

DEBIAN-CVE-2005-0133

ClamAV 0.80 and earlier allows remote attackers to cause a denial of service clamd daemon crash via a ZIP file with malformed headers...