Gnu Tar
18 CVEs affecting Gnu Tar. Latest disclosed: 2026-04-06. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2019-9923 | High | 7.5 | 2019-03-22 | pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. |
| CVE-2016-6321 | High | 7.5 | 2016-12-09 | Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection… |
| CVE-2023-39804 | Medium | 6.2 | 2024-03-27 | In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. |
| CVE-2022-48303 | Medium | 5.5 | 2023-01-30 | GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of c… |
| CVE-2026-5704 | Medium | 5.0 | 2026-04-06 | A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attack… |
| CVE-2018-20482 | Medium | 4.7 | 2018-12-26 | GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read… |
| CVE-2025-45582 | Medium | 4.1 | 2025-07-11 | GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an… |
| CVE-2021-20193 | Low | 3.3 | 2021-03-26 | A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consu… |
| CVE-2010-0624 | | | 2010-03-15 | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows… |
| CVE-2007-4476 | | | 2007-09-05 | Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack." |
| CVE-2007-4131 | | | 2007-08-25 | Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files… |
| CVE-2006-6097 | | | 2006-11-24 | GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES… |
| CVE-2006-0300 | | | 2006-02-24 | Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspe… |
| CVE-2005-1918 | | | 2005-12-31 | The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that… |
| CVE-2005-2541 | | | 2005-08-10 | Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. |
| CVE-2002-1216 | | | 2002-10-28 | GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification th… |
| CVE-2002-0399 | | | 2002-10-10 | Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive… |
| CVE-2001-1267 | | | 2001-07-12 | Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose… |