Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:44700
HistoryDec 15, 2023 - 4:25 p.m.

Denial Of Service (DOS)

2023-12-1516:25:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
denial of service
tar
xattr_decoder
xheader.c
stack overflow
alloca
malicious archive
application crash

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Tar is vulnerable to Denial Of Service (DOS). The vulnerability is caused due to a defect in a function xattr_decoder() within xheader.c where sufficiently long xattr key may overflow a stack where alloca() is used. An attacker can trick a user into processing a malicious archive, causing an application to crash resulting in Denial Of Service (DOS).

Related

amazon 1
osv 2
openvas 15
redos 1
nessus 22
debiancve 1
ubuntu 1
cve 1
debian 1
cvelist 1
ubuntucve 1
redhatcve 1
nvd 1
photon 3
hp 2
amazon
amazon
Low: tar
2024-01-03 21:04:00
osv
osv
tar vulnerability
2023-12-11 00:26:33
tar - security update
2024-03-09 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2024-1188)
2024-02-09 00:00:00
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2024-1623)
2024-05-15 00:00:00
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2024-1539)
2024-04-22 00:00:00
redos
redos
ROS-20240425-02
2024-04-25 00:00:00
nessus
nessus
EulerOS Virtualization 2.9.1 : tar (EulerOS-SA-2024-1464)
2024-03-21 00:00:00
EulerOS Virtualization 2.11.1 : tar (EulerOS-SA-2024-1623)
2024-05-15 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : GNU Tar vulnerability (USN-6543-1)
2023-12-11 00:00:00
debiancve
debiancve
CVE-2023-39804
2024-03-27 04:15:08
ubuntu
ubuntu
GNU Tar vulnerability
2023-12-11 00:00:00
cve
cve
CVE-2023-39804
2024-03-27 04:15:08
debian
debian
[SECURITY] [DLA 3755-1] tar security update
2024-03-09 21:22:24
cvelist
cvelist
CVE-2023-39804
2024-03-27 00:00:00
ubuntucve
ubuntucve
CVE-2023-39804
2023-11-30 00:00:00
redhatcve
redhatcve
CVE-2023-39804
2023-12-11 19:27:11
nvd
nvd
CVE-2023-39804
2024-03-27 04:15:08
photon
photon
Low Photon OS Security Update - PHSA-2023-3.0-0703
2023-12-22 00:00:00
Low Photon OS Security Update - PHSA-2023-5.0-0178
2023-12-23 00:00:00
Low Photon OS Security Update - PHSA-2024-4.0-0540
2024-01-07 00:00:00
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for VERACODE:44700
amazon1osv2openvas15redos1nessus22debiancve1ubuntu1cve1debian1cvelist1ubuntucve1redhatcve1nvd1photon3hp2