Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu tar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2017_5715
First of all This repository is based on the findings of these 3 repositories: https://github.com/peter-nebe/optee_os/tree/master, https://github.com/jefg89/optee-rpi4/tree/main and most notably https://github.com/joaopeixoto13/OPTEE-RPI4. The idea of this repository is to work a...
1 Github repository
NA
CVE-2018_3639
First of all This repository is based on the findings of these 3 repositories: https://github.com/peter-nebe/optee_os/tree/master, https://github.com/jefg89/optee-rpi4/tree/main and most notably https://github.com/joaopeixoto13/OPTEE-RPI4. The idea of this repository is to work a...
1 Github repository
NA
CVE-2022_23960
First of all This repository is based on the findings of these 3 repositories: https://github.com/peter-nebe/optee_os/tree/master, https://github.com/jefg89/optee-rpi4/tree/main and most notably https://github.com/joaopeixoto13/OPTEE-RPI4. The idea of this repository is to work a...
1 Github repository
NA
CVE-2023-39804
In GNU tar prior to 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.
NA
CVE-2023-3385
An issue has been discovered in GitLab affecting all versions starting from 8.10 prior to 16.0.8, all versions starting from 16.1 prior to 16.1.3, all versions starting from 16.2 prior to 16.2.2. Under specific circumstances, a user importing a project 'from export' cou...
Gitlab Gitlab
NA
CVE-2022-48303
GNU Tar up to and including 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime h...
Gnu Tar
Fedoraproject Fedora 37
Fedoraproject Fedora 38
4.3
CVSSv2
CVE-2021-20193
A flaw was found in the src/list.c of tar 1.33 and previous versions. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.
Gnu Tar
1 Github repository
6.9
CVSSv2
CVE-2019-14866
In all versions of cpio prior to 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths ...
Gnu Cpio
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
5
CVSSv2
CVE-2019-9923
pax_decode_header in sparse.c in GNU Tar prior to 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.
Gnu Tar
Opensuse Leap 15.0
5
CVSSv2
CVE-2019-5747
An issue exists in BusyBox up to and including 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote malicious user to leak sensitive information from the stack by sending a crafted DHCP message. This is related...
Busybox Busybox
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »