Debian/libtar — 9 CVEs

CRITICAL9.1CVE-2021-33643libtar - security update

from 0, < 1.2.20-8+deb12u1~deb11u1

CRITICAL9.1CVE-2021-33643libtar - security update

from 0, < 1.2.20-8+deb12u1~deb11u1

HIGH8.1CVE-2021-33644An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable…

from 0, < 1.2.20-8+deb12u1~deb11u1

HIGH7.5The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.

from 0, < 1.2.20-8+deb12u1~deb11u1

HIGH7.5The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.

from 0, < 1.2.20-8+deb12u1~deb11u1

—libtar - directory traversal

from 0, < 1.2.11-6+deb6u2

—libtar - directory traversal

from 0, < 1.2.20-2

—libtar - Multiple integer overflows

from 0, < 1.2.11-6+deb6u1

—libtar - Multiple integer overflows

from 0, < 1.2.20-1

pkg:Debian/libtar

✅ Check your installed version

All known vulnerabilities