Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:7301
HistoryAug 15, 2018 - 3:57 a.m.

Denial Of Service (DoS)

2018-08-1503:57:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5

0.034 Low

EPSS

Percentile

91.5%

libtar.so is vulnerable to denial of service (DoS). It is possible because the th_read function in lib/block.c does not check the name and link parameters in archive, allowing the attackers to cause heap-based buffer overflow.

CPENameOperatorVersion
libtar.soeq1.2.11
libtar.soeq1.2.11