Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu tar 1.13.25 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2002-0399
Directory traversal vulnerability in GNU tar 1.13.19 up to and including 1.13.25, and possibly later versions, allows malicious users to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash b...
Gnu Tar 1.13.25
605
VMScore
CVE-2007-4131
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote malicious users to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
Gnu Tar 1.13.19
Gnu Tar 1.13.25
Gnu Tar 1.15.91
Gnu Tar 1.16
Gnu Tar 1.13
Gnu Tar 1.13.5
Gnu Tar 1.14
Gnu Tar 1.13.16
Gnu Tar 1.13.17
Gnu Tar 1.13.18
Gnu Tar 1.15.1
Gnu Tar 1.15.90
Gnu Tar 1.13.11
Gnu Tar 1.13.14
Gnu Tar 1.14.90
Gnu Tar 1.15
605
VMScore
CVE-2010-0624
Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar prior to 1.23 and GNU cpio prior to 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending mor...
Gnu Tar 1.13.16
Gnu Tar 1.13.17
Gnu Tar 1.14.90
Gnu Tar 1.15
Gnu Tar 1.18
Gnu Tar 1.17
Gnu Cpio 2.5
Gnu Cpio 2.5.90
Gnu Tar 1.13.11
Gnu Tar 1.13.14
Gnu Tar 1.14
Gnu Tar 1.14.1
Gnu Tar 1.20
Gnu Tar 1.19
Gnu Cpio 1.3
Gnu Cpio 2.4-2
Gnu Tar
Gnu Cpio
Gnu Tar 1.13.18
Gnu Tar 1.13.19
Gnu Tar 1.15.1
Gnu Tar 1.15.90
1 Github repository
445
VMScore
CVE-2002-1216
GNU tar 1.13.19 and other versions prior to 1.13.25 allows remote malicious users to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.
Gnu Tar 1.13.19
Gnu Tar
231
VMScore
CVE-2005-1918
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted malicious users to overwrite arbitrary files via a crafted tar file, probably involving &q...
Gnu Tar 1.13.25
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux Desktop 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started