Lucene search
K

16 matches found

OSV
OSV
added 2026/05/05 9:19 p.m.11 views

CLSA-2026-1777564129 tar: Fix of CVE-2019-9923

CVE-2019-9923: fix NULL pointer dereference in paxdecodeheader on malformed PAX extended headers...

7.5CVSS7.1AI score0.03028EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 12:0 p.m.6 views

RUSTSEC-2025-0110 astral-tokio-tar Vulnerable to PAX Header Desynchronization

Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser incorrect...

8.1CVSS7AI score0.00688EPSS
Exploits1References3
RustSec
RustSec
added 2025/10/21 12:0 p.m.7 views

astral-tokio-tar Vulnerable to PAX Header Desynchronization

Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser incorrect...

8.1CVSS7.1AI score0.00688EPSS
Exploits1Affected Software1
Prion
Prion
added 2023/09/14 8:15 a.m.27 views

Input validation

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...

1.9CVSS6.3AI score0.12608EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/09/14 7:45 a.m.30 views

CVE-2023-42503 Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...

6.7AI score0.00489EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/08/26 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2021:2834-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9AI score0.10027EPSS
Exploits9References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2018:0862-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9AI score0.10027EPSS
Exploits8References7
RedHat Linux
RedHat Linux
added 2006/03/01 3:3 p.m.4 views

security flaw

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...

5.1CVSS7.4AI score0.05053EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2006/02/24 12:2 a.m.25 views

CVE-2006-0300

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...

5.1CVSS7.2AI score0.05053EPSS
Exploits0References2
Prion
Prion
added 2006/02/24 12:2 a.m.24 views

Buffer overflow

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...

5.1CVSS7.2AI score0.05053EPSS
Exploits0References43Affected Software1
NVD
NVD
added 2006/02/24 12:2 a.m.17 views

CVE-2006-0300

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...

5.1CVSS7AI score0.05053EPSS
Exploits0References43
OSV
OSV
added 2006/02/24 12:2 a.m.3 views

DEBIAN-CVE-2006-0300

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...

5.1CVSS7.6AI score0.05053EPSS
Exploits0References1
OSV
OSV
added 2006/02/24 12:2 a.m.3 views

CVE-2006-0300

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...

7AI score
Exploits0References46
Cvelist
Cvelist
added 2006/02/24 12:0 a.m.27 views

CVE-2006-0300

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...

7.7AI score0.05053EPSS
Exploits0References43
CVE
CVE
added 2006/02/24 12:0 a.m.91 views

CVE-2006-0300

CVE-2006-0300 refers to a buffer overflow in GNU tar versions 1.14–1.15.90 triggered by processing TAR archives with PAX extended headers. The impact described in the core CVE is a denial of service (application crash) and potential code execution via unspecified vectors. Connected advisories and...

5.1CVSS7.7AI score0.05053EPSS
Exploits0References43Affected Software1
Debian CVE
Debian CVE
added 2006/02/24 12:0 a.m.41 views

CVE-2006-0300

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...

5.1CVSS7.6AI score0.05053EPSS
Exploits0
Rows per page
Query Builder