18 matches found
CVE-2018-20482
CVE-2018-20482 affects GNU tar: when using --sparse, tar can enter an infinite read loop during file shrinkage, enabling a local attacker to cause a denial of service by modifying a file being archived by another user. Affected until upstream tar versions prior to the fix; remediation is to upgra...
CVE-2021-20193
CVE-2021-20193 affects tar 1.33 and earlier. A flaw in tar’s src/list.c allows an attacker submitting a crafted input file to cause uncontrolled memory consumption, with the highest impact on availability. No specific patch/version is provided in the supplied documents; some connected advisories ...
CVE-2019-9923
CVE-2019-9923 : pax_decode_header in GNU Tar’s sparse.c can dereference a NULL pointer when parsing archives with malformed extended headers, leading to a crash. Affected: GNU Tar prior to 1.32. Impact stated in sources is a NULL pointer dereference (DoS via crash) with CVSS v3.1 base 7.5 (HIGH)....
CVE-2022-48303
Summary: CVE-2022-48303 affects GNU tar up to version 1.34, with a one-byte out-of-bounds read in from_header/list.c for V7 archives where mtime has ~11 whitespace characters. This can cause use of uninitialized memory and a conditional jump; exploitation to alter control flow has not been demons...
CVE-2016-6321
CVE-2016-6321 is a directory traversal vulnerability in GNU tar (safer_name_suffix) affecting tar 1.14–1.29. An attacker could bypass path sanitization and overwrite arbitrary files when extracting archives, via crafted file names (aka POINTYFEATHER). The issue is triggered by how tar removes off...
CVE-2005-2541
CVE-2005-2541 concerns Tar 1.15.1, which does not properly warn when extracting files with setuid or setgid permissions. The bulletin states this may let local users or remote attackers gain privileges. The issue is described with the affected component and the impact (privilege escalation), but ...
CVE-2007-4476
CVE-2007-4476 is a buffer overflow in the safer_name_suffix function of GNU tar that exposes a crashing stack. The supplied connected documents corroborate the issue within tar/cpio track records and list it alongside other related CVEs (e.g., CVE-2010-0624); no explicit patch versions or remedia...
CVE-2001-1267
The CVE-2001-1267 entry describes a directory traversal in GNU tar
CVE-2023-39804
CVE-2023-39804 corresponds to a GNU tar issue where mishandled extension attributes in a PAX archive can crash an application via xheader.c. The connected IBM bulletin maps this CVE to IBM API Connect onPrem v12 (12.1.0.0) and lists remediation by upgrading to v12.1.0.1. The IBM advisory presents...
CVE-2010-0624
CVE-2010-0624 describes a heap-based buffer overflow in the rmt_read__ function of lib/rtapelib.c within the rmt client of GNU tar (before 1.23) and GNU cpio (before 2.11). A remote rmt server sending more data than requested (in archives whose filenames contain a colon) can cause memory corrupti...
CVE-2006-0300
CVE-2006-0300 refers to a buffer overflow in GNU tar versions 1.14–1.15.90 triggered by processing TAR archives with PAX extended headers. The impact described in the core CVE is a denial of service (application crash) and potential code execution via unspecified vectors. Connected advisories and...
CVE-2007-4131
CVE-2007-4131 is a directory traversal vulnerability in GNU tar (contains_dot_dot in src/names.c) that lets a user-assisted attacker cause tar to overwrite arbitrary files when processing crafted archives containing //.. sequences in directory symlinks. Impact is that extraction could write outsi...
CVE-2025-45582
CVE-2025-45582 (GNU Tar) : GNU Tar up to 1.35 allows file overwrite via a two-step directory traversal attack. An attacker can craft two archives: first to place a ../ symlink to a sensitive directory, second to target a critical file by a relative path beginning with the symlink, causing the ext...
CVE-2005-1918
CVE-2005-1918 is a continuation of the GNU tar directory traversal issue. It stems from an incorrect optimization in the backported patch used by Red Hat Enterprise Linux 3 and the 2.1 line, which allowed a crafted tar file (likely using "/../" sequences with a leading "/") to overwrite arbitrary...
CVE-2006-6097
Summary: CVE-2006-6097 affects GNU tar (notably v1.15.1 and v1.16) due to improper handling of GNUTYPE_NAMES symlink records during extraction, enabling a user-assisted attacker to overwrite arbitrary files. Multiple advisories report the issue as a path-traversal vulnerability in tar extraction,...
CVE-2002-0399
CVE-2007-4559 is a directory traversal vulnerability in the tarfile module of Python, allowing a tar archive containing a .. sequence to overwrite arbitrary files during extraction. The issue is referenced in multiple Nessus advisories (e.g., Alibaba Cloud Linux 3 advisory ALINUX3-SA-2024:0040 an...
CVE-2002-1216
CVE-2002-1216 is a variant of a tar vulnerability where GNU tar versions around 1.13.x and later (including 1.16 and 1.15.1) are affected by a symlink-based attack that can overwrite arbitrary files. The root cause is improper handling of GNUTYPE_NAMES records with symbolic links in the extract_a...
CVE-2026-5704
CVE-2026-5704 affects the tar component. A flaw allows a remote attacker to craft an archive that injects hidden files with attacker-controlled content, bypassing pre-extraction inspection and potentially introducing malicious files to a system without detection. The vulnerability is described wi...