3 matches found
CVE-2025-46394
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences...
SUSE CVE-2005-1918
The original patch for a GNU tar directory traversal vulnerability CVE-2002-0399 in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/"...
DEBIAN-CVE-2006-0300
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service application crash and possibly execute code via unspecified vectors involving PAX extended headers...