HIGH7.5CVE-2019-9923pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed exten… from 0, < 1.32+dfsg-1
from 0, < 1.29b-1.1
from 0, < 1.26+dfsg-0.1+deb7u1
HIGH7.5tar - security update
from 0, < 1.27.1-2+deb8u1
MEDIUM6.2tar - security update
from 0, < 1.30+dfsg-6+deb10u1
MEDIUM6.2tar - security update
from 0, < 1.34+dfsg-1+deb11u1
MEDIUM5.5A flaw was found in tar.
from 0
MEDIUM5.5GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump.
from 0, < 1.34+dfsg-1+deb11u1
MEDIUM4.7tar - security update
from 0, < 1.27.1-2+deb8u2
MEDIUM4.7tar - security update
from 0, < 1.30+dfsg-3.1
MEDIUM4.7tar - security update
from 0, < 1.29b-1.1+deb9u1
LOW3.3A flaw was found in the src/list.c of tar 1.33 and earlier.
from 0, < 1.34+dfsg-1
—Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio…
from 0, < 1.23-1
—cpio - programming error
from 0, < 1.18-1
—tar
from 0, < 1.16-2etch1
—tar
from 0, < 1.18-2
—tar
from 0, < 1.14-2.3
—tar
from 0, < 1.16-2
—tar - buffer overflow
from 0, < 1.15.1-3
—tar - buffer overflow
from 0, < 1.14-2.1
—The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect…
from 0, < 1.14-2.2
—Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain…
from 0
—GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result…
from 0, < 1.13.25