Lucene search
K

66 matches found

OSV
OSV
added 2023/02/21 11:4 a.m.5 views

OESA-2023-1106 tar security update

GNU Tar provides the ability to create tar archives, as well as various other kinds of manipulation. For example, you can use Tar on previously created archives to extract files, to store additional files, or to update or list files which were already stored. Security Fixes: GNU Tar through 1.34...

5.5CVSS7AI score0.04524EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/02/21 12:0 a.m.3 views

PT-2023-36029 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow issue has been identified, which can cause a crash. The crash occurs due to a WRITE 1 heap-buffer-overflow. The functions involved in the crash include H5O mtime new...

7.4AI score
Exploits0References2
OSV
OSV
added 2023/02/17 11:4 a.m.6 views

OESA-2023-1104 tar security update

GNU Tar provides the ability to create tar archives, as well as various other kinds of manipulation. For example, you can use Tar on previously created archives to extract files, to store additional files, or to update or list files which were already stored. Security Fixes: GNU Tar through 1.34...

5.5CVSS7AI score0.04524EPSS
Exploits1References2
OSV
OSV
added 2023/02/17 11:4 a.m.4 views

OESA-2023-1103 tar security update

GNU Tar provides the ability to create tar archives, as well as various other kinds of manipulation. For example, you can use Tar on previously created archives to extract files, to store additional files, or to update or list files which were already stored. Security Fixes: GNU Tar through 1.34...

5.5CVSS7AI score0.04524EPSS
Exploits1References2
OSV
OSV
added 2023/02/17 11:4 a.m.4 views

OESA-2023-1089 tar security update

GNU Tar provides the ability to create tar archives, as well as various other kinds of manipulation. For example, you can use Tar on previously created archives to extract files, to store additional files, or to update or list files which were already stored. Security Fixes: GNU Tar through 1.34...

5.5CVSS7AI score0.04524EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.3 views

SUSE CVE-2020-15701

An unhandled exception in checkignored in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.1...

5.5CVSS6.6AI score0.00432EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.4 views

SUSE CVE-2022-48303

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

4.3CVSS8.4AI score0.04524EPSS
Exploits1References34
Redos
Redos
added 2023/02/03 12:0 a.m.53 views

ROS-20230203-01

A vulnerability in the GNU Tar archiver is related to the fromheader function in list.c via the V7 archive, in which mtime contains approximately 11 whitespace characters. Exploitation of the vulnerability could allow an attacker, acting remotely, to transmit special data to the application and...

5.5CVSS6.3AI score0.04524EPSS
Exploits1
Snyk
Snyk
added 2023/01/31 9:19 a.m.1 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds in fromheader via a V7 archive in which mtime have approximately 11 whitespace characters. It results in the use of uninitialized memory for a conditional jump. Remediation A fix was pushed into the master branch but not y...

8.6CVSS6.9AI score0.04524EPSS
Exploits1References2
OSV
OSV
added 2023/01/30 4:15 a.m.3 views

ALPINE-CVE-2022-48303

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

5.5CVSS6.9AI score0.04524EPSS
Exploits1References1
OSV
OSV
added 2023/01/30 4:15 a.m.4 views

DEBIAN-CVE-2022-48303

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

5.5CVSS6.5AI score0.04524EPSS
Exploits1References1
OSV
OSV
added 2023/01/30 4:15 a.m.35 views

CVE-2022-48303

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

5.5CVSS5AI score
Exploits0References4
OSV
OSV
added 2023/01/30 4:15 a.m.8 views

AZL-37145 CVE-2022-48303 affecting package tar for versions less than 1.34-3

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

5.5CVSS6.7AI score0.04524EPSS
Exploits1References1
OSV
OSV
added 2023/01/30 4:15 a.m.3 views

UBUNTU-CVE-2022-48303

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

5.5CVSS6.8AI score0.04524EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2023/01/30 12:0 a.m.81 views

CVE-2022-48303

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

5.5CVSS6.5AI score0.04524EPSS
Exploits1
NVD
NVD
added 2020/08/06 11:15 p.m.22 views

CVE-2020-15701

An unhandled exception in checkignored in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.1...

5.5CVSS5.5AI score0.00432EPSS
Exploits1References4
OSV
OSV
added 2020/08/06 11:15 p.m.2 views

CVE-2020-15701

An unhandled exception in checkignored in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.1...

5.5CVSS5.8AI score0.00432EPSS
Exploits1References4
Prion
Prion
added 2020/08/06 11:15 p.m.19 views

Code injection

An unhandled exception in checkignored in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.1...

2.1CVSS5.5AI score0.00432EPSS
Exploits1References4Affected Software2
CVE
CVE
added 2020/08/06 10:50 p.m.72 views

CVE-2020-15701

The CVE-2020-15701 issue affects the apport component (Apport) where an unhandled exception in check_ignored() can crash the process if mtime in apport-ignore.xml is a string, enabling a local DoS. Exploitation details are not described beyond local access prerequisites. The vulnerability is addr...

5.5CVSS5.4AI score0.00432EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/05/13 12:0 a.m.3 views

UBUNTU-CVE-2020-15701

An unhandled exception in checkignored in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.1...

5.5CVSS6AI score0.00432EPSS
Exploits1References4
Rows per page
Query Builder