tar vulnerabilities and exploits
5
CVSSv2
CVE-2015-8860
The tar package prior to 2.0.0 for Node.js allows remote malicious users to write to arbitrary files via a symlink attack in an archive.
Nodejs Node.js
7.5
CVSSv2
CVE-2022-26612
In Apache Hadoop, the unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry ma...
Apache Hadoop
Apache Hadoop 3.3.1
Apache Hadoop 3.3.2
7.5
CVSSv2
CVE-2021-32840
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in ve...
Sharpziplib Project Sharpziplib
4.3
CVSSv2
CVE-2012-1422
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote malicious users to bypass malware detection via a POSIX TAR file with an initial ITSF character sequence. NOTE: this may lat...
Eset Nod32 Antivirus 5795
Norman Norman Antivirus & Antispyware 6.06.12
Cat Quick Heal 11.00
Rising-global Rising Antivirus 22.83.00.03
NA
CVE-2023-31483
tar/TarFileReader.cpp in Cauldron cbang before bastet-v8.1.17 has a directory traversal during extraction that allows the malicious user to create or write to files outside the current directory via a crafted tar archive.
Cauldrondevelopment Cbang
7.1
CVSSv2
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions prior to 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected ...
Storage Project Storage
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2012-1421
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote malicious users to bypass malware detection via a POSIX TAR file with an initial MSCF c...
Symantec Endpoint Protection 11.0
Norman Norman Antivirus & Antispyware 6.06.12
Cat Quick Heal 11.00
Rising-global Rising Antivirus 22.83.00.03
4.3
CVSSv2
CVE-2012-1428
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote malicious users to bypass malware detection via a POSIX TAR file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be...
Cat Quick Heal 11.00
Norman Norman Antivirus & Antispyware 6.06.12
Sophos Sophos Anti-virus 4.61.0
4.3
CVSSv2
CVE-2012-1427
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote malicious users to bypass malware detection via a POSIX TAR file with a \57\69\6E\5A\69\70 character sequence at a certain location. NOTE: this may la...
Cat Quick Heal 11.00
Norman Norman Antivirus & Antispyware 6.06.12
Sophos Sophos Anti-virus 4.61.0
4.3
CVSSv2
CVE-2012-1426
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, K7 AntiVirus 9.77.3565, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote malicious users to bypass malware detection via a POSIX TAR file w...
Cat Quick Heal 11.00
Authentium Command Antivirus 5.2.11.5
F-prot F-prot Antivirus 4.6.2.117
K7computing Antivirus 9.77.3565
Norman Norman Antivirus & Antispyware 6.06.12
Rising-global Rising Antivirus 22.83.00.03