RSS   Vulnerabilities for 'TAR'   RSS

2021-08-10
 
CVE-2021-38511

CWE-22
 
 
An issue was discovered in the tar crate before 0.4.36 for Rust. When symlinks are present in a TAR archive, extraction can create arbitrary directories via .. traversal.

 
2019-08-26
 
CVE-2018-20990

CWE-59
 
 
An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive.

 

Copyright 2024, cxsecurity.com

 

Back to Top