Lucene search
K

39 matches found

OSV
OSV
added 2026/04/30 3:33 p.m.8 views

CLSA-2026-1777563191 tar: Fix of CVE-2019-9923

CVE-2019-9923: fix NULL pointer dereference in paxdecodeheader on malformed PAX extended headers...

7.5CVSS7.1AI score0.03028EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2019-9923)

paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenabl...

7.5CVSS6.7AI score0.03028EPSS
Exploits0References3
OSV
OSV
added 2025/10/29 1:34 p.m.8 views

CLSA-2025-1761744879 Fix CVE(s): CVE-2019-9923

SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2019-9923.patch: fix a NULL pointer dereference when parsing certain archives that have malformed extended headers in paxdecodeheader in sparse.c - CVE-2019-9923...

7.5CVSS6.8AI score0.03028EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2019-9923

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers...

7.5CVSS6.3AI score0.03028EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.19 views

Photon OS 3.0: Tar PHSA-2019-3.0-0013

An update of the tar package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0013. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20309...

7.5CVSS6.6AI score0.03028EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.22 views

RHEL 8 : tar (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: null-pointer dereference in paxdecodeheader in sparse.c CVE-2019-9923 - In GNU tar before 1.35,...

7.5CVSS5.9AI score0.03992EPSS
Exploits0References4
Amazon
Amazon
added 2023/06/06 12:0 a.m.26 views

Medium: tar

Issue Overview: paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. CVE-2019-9923 Affected Packages: tar Issue Correction: Run yum update tar or yum update --advisory ALAS-2023-1755 to update your...

7.5CVSS7.4AI score0.03028EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/06/06 12:0 a.m.26 views

Amazon Linux AMI : tar (ALAS-2023-1755)

The version of tar installed on the remote host is prior to 1.26-31.24. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1755 advisory. paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed...

7.5CVSS6.5AI score0.03028EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/06/05 12:0 a.m.36 views

Amazon Linux 2 : tar (ALAS-2023-2064)

The version of tar installed on the remote host is prior to 1.26-35. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2064 advisory. paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed...

7.5CVSS6.5AI score0.03028EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.4 views

SUSE CVE-2019-9923

paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers...

3.3CVSS7.7AI score0.03028EPSS
Exploits0References39
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.32 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU Tar (CVE-2019-9923).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU Tar, caused by a NULL point dereference in the paxdecodeheader in sparse.c CVE-2019-9923. A remote attacker could exploit this vulnerability to cause the application to crash. GNU T...

7.5CVSS5.6AI score0.03028EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.30 views

Security Bulletin: A vulnerability in GNU Tar affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2019-9923)

Summary A vulnerability in GNU Tar affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2019-9923. Please see the steps below to remediate this issue. Vulnerability Details CVEID:CVE-2019-9923 DESCRIPTION: GNU Tar is vulnerable to a denial of service, caused by a NULL point...

7.5CVSS5.7AI score0.03028EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2022/05/17 12:0 a.m.25 views

openSUSE: Security Advisory for tar (SUSE-SU-2022:1548-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS5.7AI score0.03028EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/05/06 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2022:1548-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.9AI score0.03028EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/05/06 12:0 a.m.30 views

SUSE SLED15 / SLES15 Security Update : tar (SUSE-SU-2022:1548-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1548-1 advisory. - GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows loca...

7.5CVSS6.3AI score0.03028EPSS
Exploits1References11
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2019-0164)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03028EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2019:0926-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.03028EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2019:14215-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.03028EPSS
Exploits1References7
Cloud Foundry
Cloud Foundry
added 2021/02/10 12:0 a.m.56 views

USN-4692-1: tar vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the –sparse flag. An attacker could possibl...

7.5CVSS5.8AI score0.03028EPSS
Exploits1Affected Software3
OpenVAS
OpenVAS
added 2021/01/14 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-4692-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.03028EPSS
Exploits1References2
Rows per page
Query Builder