Lucene search
K

8 matches found

OSV
OSV
added 2026/05/26 2:16 a.m.9 views

DEBIAN-CVE-2026-9538

Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. readtar reads each entry's payload with $handle-read$$data, $block, where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that...

7.5CVSS5.8AI score0.00437EPSS
Exploits0References1
OSV
OSV
added 2026/05/26 2:16 a.m.3 views

UBUNTU-CVE-2026-9538

Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. readtar reads each entry's payload with $handle-read$$data, $block, where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that...

7.5CVSS5.8AI score0.00437EPSS
Exploits0References6
CVE
CVE
added 2026/05/26 12:18 a.m.65 views

CVE-2026-9538

CVE-2026-9538 affects Archive::Tar prior to 3.10 for Perl. A crafted tar header can set a multi‑gigabyte size, causing _read_tar() to allocate a scalar of that size, leading to memory exhaustion. The vulnerability arises from reading entry payloads with a size block derived from the header withou...

7.5CVSS5.8AI score0.00437EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/26 12:18 a.m.9 views

CVE-2026-9538

Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. readtar reads each entry's payload with $handle-read$$data, $block, where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that...

7.5CVSS5.8AI score0.00437EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/26 12:18 a.m.74 views

CVE-2026-9538 Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header

Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. readtar reads each entry's payload with $handle-read$$data, $block, where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that...

0.00437EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

archive-tar-new 安全漏洞

archive-tar-new is a Perl module developed by Jos Boumans, used for creating and manipulating tar files in memory. Versions of archive-tar-new prior to version 3.10 contained security vulnerabilities. These vulnerabilities stemmed from the readtar function, which did not set an upper limit when...

7.5CVSS5.9AI score0.00437EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.11 views

CVE-2026-9538

Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. readtar reads each entry's payload with $handle-read$$data, $block, where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that...

7.5CVSS5.8AI score0.00437EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.15 views

PT-2026-43166

Name of the Vulnerable Software and Affected Versions Archive::Tar versions prior to 3.10 Description Archive::Tar for Perl allows memory exhaustion when processing a tar header with an attacker-controlled entry size field. The read tar function reads each entry's payload using $handle-read$$data...

7.5CVSS5.4AI score0.00437EPSS
Exploits0References17
Rows per page
Query Builder