CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 4 days ago•9 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.20.24 packages and security update

Red Hat OpenShift Container Platform release 4.20.24 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...

7.1CVSS5.8AI score0.00018EPSS

Exploits4References2

RedhatCVE•added 4 days ago•5 views

CVE-2026-42496

A flaw was found in perl-Archive-Tar. Versions before 3.08 for Perl are vulnerable to a path traversal issue. An attacker can craft a malicious tar archive containing symlinks with targets outside the intended extraction directory. This vulnerability allows the attacker to read or write to...

Tenable Nessus•added 2026/05/27 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-42496

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar...

Tenable Nessus•added 2026/05/27 12:0 a.m.•18 views

Exploits0References4

Linux Distros Unpatched Vulnerability : CVE-2026-42497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar...

7.5CVSS5.8AI score0.00048EPSS

NVD•added 2026/05/26 2:16 a.m.•6 views

CVE-2026-9538

Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. readtar reads each entry's payload with $handle-read$$data, $block, where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that...

7.5CVSS0.00037EPSS

OSV•added 2026/05/26 2:16 a.m.•4 views

DEBIAN-CVE-2026-9538

OSV•added 2026/05/26 2:16 a.m.•5 views

DEBIAN-CVE-2026-42497

7.5CVSS5.8AI score0.00048EPSS

NVD•added 2026/05/26 2:16 a.m.•6 views

CVE-2026-42497

7.5CVSS0.00048EPSS

NVD•added 2026/05/26 2:16 a.m.•7 views

CVE-2026-42496

Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar header's linkname to symlink without validating it against absolute paths or .. segments. The secure-extract mode check that guards regular...

9.1CVSS0.00052EPSS

OSV•added 2026/05/26 2:16 a.m.•4 views

DEBIAN-CVE-2026-42496

OSV•added 2026/05/26 2:16 a.m.•2 views

UBUNTU-CVE-2026-9538

OSV•added 2026/05/26 2:16 a.m.•3 views

UBUNTU-CVE-2026-42496

OSV•added 2026/05/26 2:16 a.m.•2 views

UBUNTU-CVE-2026-42497

7.5CVSS5.8AI score0.00052EPSS

Cvelist•added 2026/05/26 12:18 a.m.•38 views

CVE-2026-9538 Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header

0.00037EPSS

Exploits0References2

Debian CVE•added 2026/05/26 12:18 a.m.•6 views

CVE-2026-9538

Vulnrichment•added 2026/05/26 12:18 a.m.•5 views

Exploits0

CVE-2026-9538 Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header

5.8AI score0.00037EPSS

Exploits0References2

CVE•added 2026/05/26 12:18 a.m.•35 views

CVE-2026-9538

CVE-2026-9538 affects Archive::Tar prior to 3.10 for Perl. A crafted tar header can set a multi‑gigabyte size, causing _read_tar() to allocate a scalar of that size, leading to memory exhaustion. The vulnerability arises from reading entry payloads with a size block derived from the header withou...