Bingos Archive::tar
3 CVEs affecting Bingos Archive::tar. Latest disclosed: 2026-05-26. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-42496 | Critical | 9.1 | 2026-05-26 | Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. _make_special_file() passes the… |
CVE-2026-9538 | High | 7.5 | 2026-05-26 | Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. _read_tar() reads each entry's payl… |
CVE-2026-42497 | High | 7.5 | 2026-05-26 | Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. _make_special_file() passes the ta… |