4 matches found

RedHat Linux
added 2026/03/12 9:1 p.m., 11 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3 CVSS, 7.1 AI score, 0.00419 EPSS
Exploits 0, References 8
OSV
added 2025/11/28 12:12 p.m., 5 views

CLSA-2025-1764331947 golang: Fix of CVE-2025-58183

CVE-2025-58183: fix unbounded memory consumption when reading GNU pax 1.0 sparse files...

4.3 CVSS, 5.8 AI score, 0.00419 EPSS
Exploits 0, References 1
OSV
added 2025/11/06 12:58 p.m., 4 views

BIT-GOLANG-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

4.3 CVSS, 6.4 AI score, 0.00419 EPSS
Exploits 0, References 6
SUSE CVE
added 2025/10/08 11:22 p.m., 11 views

SUSE CVE-2025-58183

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

3.3 CVSS, 6.8 AI score, 0.00419 EPSS
Exploits 0, References 32