Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:OPENSUSE-SU-2024:11422-1
HistoryJun 15, 2024 - 12:00 a.m.

tar-1.34-2.2 on GA media

2024-06-1500:00:00
Google
osv.dev
tar
1.34
2.2
ga media
opensuse tumbleweed
security issues
software

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

Low

JSON

These are all security issues fixed in the tar-1.34-2.2 package on the GA media of openSUSE Tumbleweed.

Related

nessus 62
cvelist 6
cve 6
nvd 6
redhat 3
centos 5
ubuntucve 6
openvas 56
debiancve 4
suse 2
osv 5
cloudfoundry 1
ubuntu 3
securityvulns 2
oraclelinux 1
exploitdb 1
gentoo 3
freebsd_advisory 1
freebsd 3
slackware 1
debian 6
alpinelinux 1
redhatcve 2
prion 3
archlinux 1
veracode 1
ibm 3
mageia 2
amazon 2
checkpoint_advisories 1
nessus
nessus
Mandrake Linux Security Advisory : tar (MDKSA-2002:066)
2004-07-31 00:00:00
RHEL 2.1 / 3 : tar (RHSA-2006:0195)
2006-02-22 00:00:00
CentOS 3 : tar (CESA-2006:0195)
2006-07-03 00:00:00
cvelist
cvelist
CVE-2002-0399
2002-10-01 04:00:00
CVE-2005-1918
2006-02-21 19:00:00
CVE-2001-1267
2004-09-01 04:00:00
cve
cve
CVE-2002-0399
2002-10-10 04:00:00
CVE-2005-1918
2006-02-21 19:00:00
CVE-2001-1267
2004-09-01 04:00:00
nvd
nvd
CVE-2002-0399
2002-10-10 04:00:00
CVE-2005-1918
2005-12-31 05:00:00
CVE-2001-1267
2001-07-12 04:00:00
redhat
redhat
(RHSA-2006:0195) tar security update
2006-02-21 00:00:00
(RHSA-2006:0749) Moderate: tar security update
2006-12-19 00:00:00
(RHSA-2006:0232) tar security update
2006-03-01 00:00:00
centos
centos
tar security update
2006-02-21 15:16:52
tar security update
2006-02-22 00:37:43
tar security update
2006-12-20 03:41:54
ubuntucve
ubuntucve
CVE-2005-1918
2005-12-31 00:00:00
CVE-2002-0399
2002-10-10 00:00:00
CVE-2019-9923
2019-03-22 00:00:00
openvas
openvas
SLES9: Security update for tar
2009-10-10 00:00:00
SLES9: Security update for tar
2009-10-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:14215-1)
2021-06-09 00:00:00
debiancve
debiancve
CVE-2005-1918
2006-02-21 19:00:00
CVE-2019-9923
2019-03-22 08:29:00
CVE-2018-20482
2018-12-26 18:29:00
suse
suse
Security update for tar (moderate)
2019-04-18 00:00:00
Security update for tar (moderate)
2022-05-05 00:00:00
osv
osv
tar vulnerabilities
2021-01-13 18:56:53
tar - security update
2018-12-31 00:00:00
tar - security update
2021-11-28 00:00:00
cloudfoundry
cloudfoundry
USN-4692-1: tar vulnerabilities | Cloud Foundry
2021-02-10 00:00:00
ubuntu
ubuntu
tar vulnerabilities
2021-01-13 00:00:00
tar vulnerability
2006-11-27 00:00:00
tar vulnerability
2006-02-23 00:00:00
securityvulns
securityvulns
rPSA-2007-0172-1 tar
2007-08-27 00:00:00
[Full-disclosure] [ MDKSA-2006:046 ] - Updated tar packages fix vulnerability
2006-02-22 00:00:00
oraclelinux
oraclelinux
Moderate tar security update
2006-12-20 00:00:00
exploitdb
exploitdb
GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal
2006-11-21 00:00:00
gentoo
gentoo
Tar: Directory traversal vulnerability
2006-12-11 00:00:00
Tar: Denial of service
2019-03-10 00:00:00
GNU tar: Buffer overflow
2006-03-10 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:26.gtar
2006-12-06 00:00:00
freebsd
freebsd
gtar -- name mangling symlink vulnerability
2006-12-06 00:00:00
gtar -- GNUTYPE_NAMES directory traversal vulnerability
2006-11-21 00:00:00
gtar -- invalid headers buffer overflow
2006-02-22 00:00:00
slackware
slackware
[slackware-security] tar
2006-12-01 22:55:57
debian
debian
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
2006-12-01 16:26:11
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
2006-12-01 16:26:11
[SECURITY] [DLA 1623-1] tar security update
2018-12-31 09:51:16
alpinelinux
alpinelinux
CVE-2018-20482
2018-12-26 18:29:00
redhatcve
redhatcve
CVE-2018-20482
2018-12-27 21:49:21
CVE-2019-9923
2019-03-22 13:19:41
prion
prion
Null pointer dereference
2019-03-22 08:29:00
Design/Logic Flaw
2018-12-26 18:29:00
Buffer overflow
2006-02-24 00:02:00
archlinux
archlinux
[ASA-201901-1] tar: denial of service
2019-01-08 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-01-15 02:15:58
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU Tar (CVE-2019-9923).
2023-01-12 21:59:00
Security Bulletin: GNU Tar sparse_dump_region function denial of service affects IBM Spectrum LSF Application Center
2019-03-08 05:15:01
Security Bulletin: A vulnerability in GNU Tar affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2019-9923)
2023-01-12 21:59:00
mageia
mageia
GNU tar has been updated to fix CVE-2018-20482
2019-01-12 00:07:56
Updated tar packages fix security vulnerability
2019-05-12 12:35:33
amazon
amazon
Medium: tar
2023-05-25 17:41:00
Medium: tar
2023-05-25 17:41:00
checkpoint_advisories
checkpoint_advisories
GNU Tar PAX Extended Headers Handling Buffer Overflow (CVE-2006-0300)
2009-10-11 00:00:00

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

Low

JSON
Related for OSV:OPENSUSE-SU-2024:11422-1
nessus62cvelist6cve6nvd6redhat3centos5ubuntucve6openvas56debiancve4suse2osv5cloudfoundry1ubuntu3securityvulns2oraclelinux1exploitdb1gentoo3freebsd_advisory1freebsd3slackware1debian6alpinelinux1redhatcve2prion3archlinux1veracode1ibm3mageia2amazon2checkpoint_advisories1