Lucene search
K

4 matches found

OSV
OSV
added 2026/03/20 7:16 a.m.6 views

UBUNTU-CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS7.2AI score0.00688EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2026/03/20 7:6 a.m.3 views

CVE-2026-33055 tar-rs incorrectly ignores PAX size headers if header size is nonzero

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

5.1CVSS7.3AI score0.00397EPSS
Exploits1References3
SUSE Linux
SUSE Linux
added 2026/03/19 8:23 a.m.6 views

Security update for jq

This update for jq fixes the following issue: CVE-2025-9403: test suite assertion failure in JSON parsing consistency validation bsc1248600. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

4.8CVSS5.8AI score0.00194EPSS
Exploits1References4
Imperva Blog
Imperva Blog
added 2025/08/21 3:35 p.m.16 views

Smuggling Requests with Chunked Extensions: A New HTTP Desync Trick

A new HTTP request smuggling technique was recently discovered, where attackers take advantage of inconsistent parsing behaviors between front-end proxy servers and back-end application servers. This attack technique leverages ambiguous request formatting to inject malicious secondary requests th...

7AI score
Exploits0
Rows per page
Query Builder