| Bug | Description |
|---|
| CVE-2023-39804 | In GNU tar before 1.35, mishandled extension attributes in a PAX archi ... |
| CVE-2022-48303 | GNU Tar through 1.34 has a one-byte out-of-bounds read that results in ... |
| CVE-2021-20193 | A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw ... |
| CVE-2019-9923 | pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointe ... |
| CVE-2018-20482 | GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage ... |
| CVE-2016-6321 | Directory traversal vulnerability in the safer_name_suffix function in ... |
| CVE-2010-0624 | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib. ... |
| CVE-2007-4476 | Buffer overflow in the safer_name_suffix function in GNU tar has unspe ... |
| CVE-2007-4131 | Directory traversal vulnerability in the contains_dot_dot function in ... |
| CVE-2006-6097 | GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assi ... |
| CVE-2006-0300 | Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attac ... |
| CVE-2005-1918 | The original patch for a GNU tar directory traversal vulnerability (CV ... |
| CVE-2002-1216 | GNU tar 1.13.19 and other versions before 1.13.25 allows remote attack ... |