All vulnerabilities

CVE-2023-39804

Description

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Score
6.2
Severity
Medium
Ecosystem
RPM
Publish Date
March 27, 2024
Modified Date
March 14, 2026
Score Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Versions