506 matches found
Alibaba Cloud Linux 3 : 0185: perl-Archive-Tar (ALINUX3-SA-2026:0185)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0185 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-42496: Archive::Tar versions before 3.08 f...
SUSE-SU-2026:22572-1 Security update for go1.26-openssl
This update for go1.26-openssl fixes the following issues: Update to go1.26.4 bsc1255111. Security issues fixed: - CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. - CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination bsc1261654. -...
MiracleLinux 8 : perl-Archive-Tar-2.30-2.el8_10 (AXSA:2026-1104:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-1104:01 advisory. perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access CVE-2026-42496 Tenable has extracted the preceding...
RLSA-2026:30857 Important: perl-Archive-Tar security update
Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support...
perl-Archive-Tar security update
An update is available for perl-Archive-Tar. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Archive::Tar provides an object oriented mechanism for handling tar...
RockyLinux 10 : perl-Archive-Tar (RLSA-2026:30857)
The remote RockyLinux 10 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:30857 advisory. perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access CVE-2026-42496 Tenable has extracted the preceding...
USN-8467-2: Perl vulnerabilities
USN-8467-1 fixed vulnerabilities in Perl. This update provides the corresponding fix for Perl on Ubuntu 25.10. Original advisory details: It was discovered that Perl's Archive::Tar module incorrectly handled symlink and hardlink targets during extraction. An attacker could use this issue to read ...
USN-8467-2 perl vulnerabilities
USN-8467-1 fixed vulnerabilities in Perl. This update provides the corresponding fix for Perl on Ubuntu 25.10. Original advisory details: It was discovered that Perl's Archive::Tar module incorrectly handled symlink and hardlink targets during extraction. An attacker could use this issue to read ...
RLSA-2026:30856 Important: perl-Archive-Tar security update
Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support...
perl-Archive-Tar security update
An update is available for perl-Archive-Tar. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Archive::Tar provides an object oriented mechanism for handling tar...
SUSE CVE-2026-42496
Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar header's linkname to symlink without validating it against absolute paths or .. segments. The secure-extract mode check that guards regular...
RockyLinux 9 : perl-Archive-Tar (RLSA-2026:30856)
The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:30856 advisory. perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access CVE-2026-42496 Tenable has extracted the preceding descripti...
RHSA-2026:30857 Red Hat Security Advisory: perl-Archive-Tar security update
Bulletin has no description...
Oracle Linux 9 : perl-Archive-Tar (ELSA-2026-30856)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-30856 advisory. - Fix CVE-2026-42496: validate symlink and hardlink targets in secure extract mode Tenable has extracted the preceding description block directly from the Orac...
RHEL 10 : perl-Archive-Tar (RHSA-2026:30857)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:30857 advisory. Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also...
Oracle Linux 8 : perl-Archive-Tar (ELSA-2026-30852)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-30852 advisory. - Fix CVE-2026-42496: validate symlink and hardlink targets in secure extract mode - Fixes CVE-2018-12015 directory traversal bug 1588761 Tenable has extracted...
AlmaLinux 10 : perl-Archive-Tar (ALSA-2026:30857)
The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:30857 advisory. perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access CVE-2026-42496 Tenable has extracted the preceding descripti...
AlmaLinux 9 : perl-Archive-Tar (ALSA-2026:30856)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:30856 advisory. perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access CVE-2026-42496 Tenable has extracted the preceding descriptio...
perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access
A flaw was found in perl-Archive-Tar. Versions before 3.08 for Perl are vulnerable to a path traversal issue. An attacker can craft a malicious tar archive containing symlinks with targets outside the intended extraction directory. This vulnerability allows the attacker to read or write to...
Important: Red Hat Security Advisory: perl-Archive-Tar security update
An update for perl-Archive-Tar is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...