43 matches found
CLSA-2026-1778820779 tar: Fix of CVE-2023-39804
CVE-2023-39804: fix crash on PAX archive with malformed extended header attributes in locatehandler and xattrdecoder...
CLSA-2025-1762536241 tar: Fix of CVE-2023-39804
CVE-2023-39804: fix crash in GNU tar caused by incorrect handling of extended PAX xattr headers leading to memory corruption DoS...
Linux Distros Unpatched Vulnerability : CVE-2023-39804
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVE-2023-39804 Note that Nessus relies o...
Photon OS 3.0: Tar PHSA-2023-3.0-0703
An update of the tar package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0703. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid23849...
openSUSE Security Advisory (SUSE-SU-2024:0070-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CBL Mariner 2.0 Security Update: tar (CVE-2023-39804)
The version of tar installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-39804 advisory. - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in...
CVE-2023-39804 affecting package tar for versions less than 1.34-3
CVE-2023-39804 affecting package tar for versions less than 1.34-3. A patched version of the package is available...
RHEL 9 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - tar: Incorrectly handled extension attributes in PAX archives can lead to a crash CVE-2023-39804 Note that Nessus h...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2024-1623)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.11.0 : tar (EulerOS-SA-2024-1642)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVE-2023-3980...
EulerOS Virtualization 2.11.1 : tar (EulerOS-SA-2024-1623)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVE-2023-3980...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2024-1539)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.0 : tar (EulerOS-SA-2024-1539)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVE-2023-3980...
EulerOS Virtualization 2.10.1 : tar (EulerOS-SA-2024-1558)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVE-2023-3980...
DEBIAN-CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
CVE-2023-39804
CVE-2023-39804 corresponds to a GNU tar issue where mishandled extension attributes in a PAX archive can crash an application via xheader.c. The connected IBM bulletin maps this CVE to IBM API Connect onPrem v12 (12.1.0.0) and lists remediation by upgrading to v12.1.0.1. The IBM advisory presents...
CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2024-1479)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.9.0 : tar (EulerOS-SA-2024-1479)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in tar. This issue occurs when extended attributes are processed in PAX archives, and could allow an attacker to cau...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2024-1464)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...