Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016814)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016814 advisory. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large...

4.3CVSS5.8AI score0.00419EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.9 views

Unity Linux 20.1070a Security Update: osbuild-composer (UTSA-2026-016489)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016489 advisory. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/01/22 5:34 a.m.3 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References8
OSV
OSV
added 2025/10/29 11:16 p.m.7 views

AZL-69251 CVE-2025-58183 affecting package golang 1.26.0-1

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

4.3CVSS7AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2025/10/29 11:16 p.m.7 views

AZL-69302 CVE-2025-58183 affecting package moby-engine for versions less than 25.0.3-14

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

4.3CVSS7AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2025/10/29 11:16 p.m.4 views

AZL-69296 CVE-2025-58183 affecting package skopeo for versions less than 1.14.2-13

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

4.3CVSS7AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2025/10/29 11:16 p.m.6 views

AZL-78907 CVE-2025-58183 affecting package golang 1.25.7-1

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

4.3CVSS7.2AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2025/10/29 11:16 p.m.7 views

AZL-69005 CVE-2025-58183 affecting package podman 5.6.1-7

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

4.3CVSS7.2AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2007/07/14 12:30 a.m.8 views

CVE-2007-3644

archivereadsupportformattar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service infinite loop via 1 an end-of-file condition within a pax extension header or 2 a malformed pax extension header in an a PAX or a b TAR archive...

6.4AI score
Exploits0References20
Rows per page
Query Builder