16 matches found
CLSA-2026-1777564129 tar: Fix of CVE-2019-9923
CVE-2019-9923: fix NULL pointer dereference in paxdecodeheader on malformed PAX extended headers...
RUSTSEC-2025-0110 astral-tokio-tar Vulnerable to PAX Header Desynchronization
Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser incorrect...
astral-tokio-tar Vulnerable to PAX Header Desynchronization
Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser incorrect...
Input validation
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...
CVE-2023-42503 Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...
SUSE: Security Advisory (SUSE-SU-2021:2834-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0862-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
security flaw
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...
CVE-2006-0300
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...
Buffer overflow
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...
CVE-2006-0300
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...
DEBIAN-CVE-2006-0300
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...
CVE-2006-0300
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...
CVE-2006-0300
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...
CVE-2006-0300
CVE-2006-0300 refers to a buffer overflow in GNU tar versions 1.14–1.15.90 triggered by processing TAR archives with PAX extended headers. The impact described in the core CVE is a denial of service (application crash) and potential code execution via unspecified vectors. Connected advisories and...
CVE-2006-0300
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...