All vulnerabilities

CVE-2021-33643

Description

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.

Patch Available

Fix available through Seal Security. 

No upgrade required, protect your application instantly.

Fix without upgrading
Score
Severity
Ecosystem
RPM
Publish Date
August 10, 2022
Modified Date
April 2, 2025
Score Vector
Affected Versions