235 matches found

RedhatCVE
added 2022/08/25 5:26 a.m., 42 views

CVE-2021-33643

A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with the size in the header struct being 0 to trigger a call to malloc(0) for a variable gnu_longlink, causing an out-of-bounds read...

CVSS: 7.4, AI score: 2.6, EPSS: 0.01331
Exploits: 0, References: 4

Photon
added 2022/08/18 12:0 a.m., 37 views

Critical Photon OS Security Update - PHSA-2022-0509

Updates of 'libtar' packages of Photon OS have been released...

CVSS: 9.1, AI score: 1.6, EPSS: 0.01431
Exploits: 0

Photon
added 2022/08/18 12:0 a.m., 39 views

Critical Photon OS Security Update - PHSA-2022-3.0-0437

Updates of 'libtiff', 'libtar', 'open-iscsi' packages of Photon OS have been released...

CVSS: 9.1, AI score: 6.8, EPSS: 0.01431
Exploits: 1

Photon
added 2022/08/17 12:0 a.m., 29 views

Critical Photon OS Security Update - PHSA-2022-0231

Updates of 'libtar', 'libtiff' packages of Photon OS have been released...

AI score: 1.6, EPSS: 0.01431
Exploits: 1

Photon
added 2022/08/17 12:0 a.m., 29 views

Critical Photon OS Security Update - PHSA-2022-4.0-0231

Updates of 'libtar', 'libtiff' packages of Photon OS have been released...

CVSS: 9.1, AI score: 6.8, EPSS: 0.01431
Exploits: 1

Veracode
added 2022/08/11 5:39 a.m., 29 views

Denial Of Service (DoS)

libtar.so is vulnerable to denial of service. The vulnerability exists due to a memory leak from not freeing the variable t->th_buf.gnu_longname in the function th_read, causing the system to run out of memory and crash...

CVSS: 7.5, AI score: 8, EPSS: 0.01431
Exploits: 0, References: 11, Affected Software: 2

OSV
added 2022/08/10 8:15 p.m., 5 views

AZL-10544 CVE-2021-33645 affecting package libtar for versions less than 1.2.20-10

The th_read function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak...

CVSS: 7.5, AI score: 6.9, EPSS: 0.01431
Exploits: 0, References: 1

OSV
added 2022/08/10 8:15 p.m., 8 views

AZL-34948 CVE-2021-33645 affecting package libtar for versions less than 1.2.20-11

The th_read function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak...

CVSS: 7.5, AI score: 6.9, EPSS: 0.01431
Exploits: 0, References: 1

OSV
added 2022/08/10 8:15 p.m., 7 views

AZL-34949 CVE-2021-33646 affecting package libtar for versions less than 1.2.20-11

The th_read function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak...

CVSS: 7.5, AI score: 6.9, EPSS: 0.01431
Exploits: 0, References: 1

OSV
added 2022/08/10 8:15 p.m., 6 views

AZL-10542 CVE-2021-33643 affecting package libtar for versions less than 1.2.20-10

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longlink, causing an out-of-bounds read...

CVSS: 9.1, AI score: 7.1, EPSS: 0.01331
Exploits: 0, References: 1

OSV
added 2022/08/10 8:15 p.m., 6 views

AZL-10545 CVE-2021-33646 affecting package libtar for versions less than 1.2.20-10

The th_read function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak...

CVSS: 7.5, AI score: 6.9, EPSS: 0.01431
Exploits: 0, References: 1

OSV
added 2022/08/10 8:15 p.m., 6 views

AZL-34947 CVE-2021-33644 affecting package libtar for versions less than 1.2.20-11

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longname, causing an out-of-bounds read...

CVSS: 8.1, AI score: 6.9, EPSS: 0.01127
Exploits: 0, References: 1

OSV
added 2022/08/10 8:15 p.m., 6 views

AZL-34946 CVE-2021-33643 affecting package libtar for versions less than 1.2.20-11

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longlink, causing an out-of-bounds read...

CVSS: 9.1, AI score: 7.2, EPSS: 0.01331
Exploits: 0, References: 1

OSV
added 2022/08/10 8:15 p.m., 6 views

AZL-10543 CVE-2021-33644 affecting package libtar for versions less than 1.2.20-10

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longname, causing an out-of-bounds read...

CVSS: 8.1, AI score: 6.9, EPSS: 0.01127
Exploits: 0, References: 1

OSV
added 2022/08/05 11:4 a.m., 2 views

OESA-2022-1807 libtar security update

Libtar is a C library for manipulating POSIX tar files. It handles adding and extracting files to/from a tar archive. Requires gcc, make, and zlib. Security Fixes: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for a...

CVSS: 9.1, AI score: 6.8, EPSS: 0.01431
Exploits: 0, References: 5

CBLMariner
added 2022/04/09 6:51 a.m., 37 views

CVE-2013-4420 affecting package libtar for versions less than 1.2.20-8

CVE-2013-4420 affecting package libtar for versions less than 1.2.20-8. A patched version of the package is available...

CVSS: 5.8, AI score: 9.6, EPSS: 0.03277
Exploits: 0

OpenVAS
added 2022/02/13 12:0 a.m., 17 views

Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2022-1078)

The remote host is missing an update for the Huawei EulerOS...

CVSS: 5.8, AI score: 6.6, EPSS: 0.03277
Exploits: 0, References: 2

OpenVAS
added 2022/01/28 12:0 a.m., 18 views

Mageia: Security Advisory (MGASA-2014-0090)

The remote host is missing an update for the...

CVSS: 5.8, AI score: 9.5, EPSS: 0.03277
Exploits: 0, References: 4

OpenVAS
added 2022/01/28 12:0 a.m., 10 views

Mageia: Security Advisory (MGASA-2013-0309)

The remote host is missing an update for the...

CVSS: 6.8, AI score: 6.7, EPSS: 0.05485
Exploits: 1, References: 4

Tenable Nessus
added 2021/08/09 12:0 a.m., 20 views

EulerOS 2.0 SP8 : libtar (EulerOS-SA-2021-2302)

According to the version of the libtar package installed, the EulerOS installation on the remote host is affected by the following vulnerability: Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attacke...

CVSS: 5.8, AI score: 6.5, EPSS: 0.03277
Exploits: 0, References: 2