Lucene search
K

10 matches found

OSV
OSV
added 2026/03/20 5:25 p.m.7 views

GHSA-GCHP-Q4R4-X4FF tar-rs incorrectly ignores PAX size headers if header size is nonzero

Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...

8.1CVSS5.7AI score0.00688EPSS
Exploits2References7
Github Security Blog
Github Security Blog
added 2026/03/20 5:25 p.m.14 views

tar-rs incorrectly ignores PAX size headers if header size is nonzero

Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...

8.1CVSS7.4AI score0.00397EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2026/03/20 7:16 a.m.4 views

DEBIAN-CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS5.4AI score0.00397EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/20 7:6 a.m.8 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS7.3AI score0.00688EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2026/03/20 7:6 a.m.7 views

CVE-2026-33055 tar-rs incorrectly ignores PAX size headers if header size is nonzero

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

5.1CVSS5.8AI score0.00688EPSS
Exploits2References5
OSV
OSV
added 2026/03/19 12:0 p.m.5 views

RUSTSEC-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero

Versions 0.4.44 and below of tar-rs have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518astral-cve, the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the...

5.1CVSS5.7AI score0.00397EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/04/02 11:34 a.m.4 views

kernel: erspan: make sure erspan_base_hdr is present in skb->head

In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head The Linux kernel CVE team has assigned CVE-2024-35888 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051947-CVE-2024-35888-1e04@gregkh/T...

5.5CVSS6.4AI score0.0025EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/08 2:5 a.m.7 views

kernel: erspan: make sure erspan_base_hdr is present in skb->head

In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head The Linux kernel CVE team has assigned CVE-2024-35888 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051947-CVE-2024-35888-1e04@gregkh/T...

5.5CVSS6.4AI score0.0025EPSS
Exploits0References5
OSV
OSV
added 2024/05/19 9:15 a.m.3 views

UBUNTU-CVE-2024-35888

In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head syzbot reported a problem in ip6erspanrcv 1 Issue is that ip6erspanrcv and erspanrcv no longer make sure erspanbasehdr is present in skb linear part skb-head before getting...

5.5CVSS6.2AI score0.0025EPSS
Exploits0References28
Cvelist
Cvelist
added 2008/01/04 12:0 a.m.20 views

CVE-2007-6631

Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execute arbitrary code via 1 a reply that begins with a long version string, which triggers an overflow in handlertsppkt in rtsphandlers.c; long headers that trigger overflows in 2 sendpauserequest, 3...

8AI score0.09083EPSS
Exploits1References9
Rows per page
Query Builder