CVE-2023-38346
Wind River VxWorks 6.9 and 7 are affected by CVE-2023-38346 due to the tarExtract function handling TAR archives without proper path validation, which may allow directory traversal and unintended behavior. The issue arises from tarExtract processing files with relative or absolute paths and not c...