Vulnerabilities > GNU > TAR > 1.12
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-30 | CVE-2022-48303 | Out-of-bounds Read vulnerability in multiple products GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. | 5.5 |
| 2021-03-26 | CVE-2021-20193 | Memory Leak vulnerability in GNU TAR A flaw was found in the src/list.c of tar 1.33 and earlier. | 3.3 |
| 2019-03-22 | CVE-2019-9923 | NULL Pointer Dereference vulnerability in multiple products pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. | 7.5 |
| 2018-12-26 | CVE-2018-20482 | Infinite Loop vulnerability in multiple products GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root). | 4.7 |