Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/tar@1.12-7
Typedeb
Namespacedebian
Nametar
Version1.12-7
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.34+dfsg-1+deb11u1
Latest_non_vulnerable_version1.34+dfsg-1+deb11u1
Affected_by_vulnerabilities
0
url VCID-6znq-56pa-tyet
vulnerability_id VCID-6znq-56pa-tyet
summary 
A malicious tar archive could trigger a Buffer overflow in GNU tar,
    potentially resulting in the execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0300.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0300.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-0300
reference_id
reference_type
scores
0
value 0.18808
scoring_system epss
scoring_elements 0.95257
published_at 2026-04-01T12:55:00Z
1
value 0.18808
scoring_system epss
scoring_elements 0.95269
published_at 2026-04-02T12:55:00Z
2
value 0.18808
scoring_system epss
scoring_elements 0.95275
published_at 2026-04-04T12:55:00Z
3
value 0.18808
scoring_system epss
scoring_elements 0.9528
published_at 2026-04-07T12:55:00Z
4
value 0.18808
scoring_system epss
scoring_elements 0.95288
published_at 2026-04-08T12:55:00Z
5
value 0.18808
scoring_system epss
scoring_elements 0.9529
published_at 2026-04-09T12:55:00Z
6
value 0.18808
scoring_system epss
scoring_elements 0.95295
published_at 2026-04-11T12:55:00Z
7
value 0.18808
scoring_system epss
scoring_elements 0.95296
published_at 2026-04-12T12:55:00Z
8
value 0.18808
scoring_system epss
scoring_elements 0.95298
published_at 2026-04-13T12:55:00Z
9
value 0.18808
scoring_system epss
scoring_elements 0.95305
published_at 2026-04-16T12:55:00Z
10
value 0.18808
scoring_system epss
scoring_elements 0.95309
published_at 2026-04-18T12:55:00Z
11
value 0.18808
scoring_system epss
scoring_elements 0.95312
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-0300
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617881
reference_id 1617881
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617881
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=354091
reference_id 354091
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=354091
5
reference_url https://security.gentoo.org/glsa/200603-06
reference_id GLSA-200603-06
reference_type
scores
url https://security.gentoo.org/glsa/200603-06
6
reference_url https://access.redhat.com/errata/RHSA-2006:0232
reference_id RHSA-2006:0232
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0232
7
reference_url https://usn.ubuntu.com/257-1/
reference_id USN-257-1
reference_type
scores
url https://usn.ubuntu.com/257-1/
fixed_packages
0
url pkg:deb/debian/tar@1.16-2
purl pkg:deb/debian/tar@1.16-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjve-yt21-5uhe
1
vulnerability VCID-ft5f-trap-43fa
2
vulnerability VCID-hq66-w1de-eqe9
3
vulnerability VCID-k3h6-k26e-vke3
4
vulnerability VCID-pkfu-tkaw-m7ba
5
vulnerability VCID-rpve-2nqs-mucp
6
vulnerability VCID-svwr-123p-skeq
7
vulnerability VCID-vzdf-6u9d-bfax
8
vulnerability VCID-zakj-27p6-6kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.16-2
aliases CVE-2006-0300
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6znq-56pa-tyet
1
url VCID-bjve-yt21-5uhe
vulnerability_id VCID-bjve-yt21-5uhe
summary A vulnerability in Tar could lead to a Denial of Service condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20193.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20193.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20193
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.21172
published_at 2026-04-01T12:55:00Z
1
value 0.00069
scoring_system epss
scoring_elements 0.2117
published_at 2026-04-21T12:55:00Z
2
value 0.00069
scoring_system epss
scoring_elements 0.21183
published_at 2026-04-16T12:55:00Z
3
value 0.00069
scoring_system epss
scoring_elements 0.21193
published_at 2026-04-18T12:55:00Z
4
value 0.00069
scoring_system epss
scoring_elements 0.21325
published_at 2026-04-02T12:55:00Z
5
value 0.00069
scoring_system epss
scoring_elements 0.21379
published_at 2026-04-04T12:55:00Z
6
value 0.00069
scoring_system epss
scoring_elements 0.21133
published_at 2026-04-07T12:55:00Z
7
value 0.00069
scoring_system epss
scoring_elements 0.21213
published_at 2026-04-08T12:55:00Z
8
value 0.00069
scoring_system epss
scoring_elements 0.21275
published_at 2026-04-09T12:55:00Z
9
value 0.00069
scoring_system epss
scoring_elements 0.21285
published_at 2026-04-11T12:55:00Z
10
value 0.00069
scoring_system epss
scoring_elements 0.21244
published_at 2026-04-12T12:55:00Z
11
value 0.00069
scoring_system epss
scoring_elements 0.2119
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20193
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1917565
reference_id 1917565
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1917565
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980525
reference_id 980525
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980525
6
reference_url https://security.archlinux.org/ASA-202102-41
reference_id ASA-202102-41
reference_type
scores
url https://security.archlinux.org/ASA-202102-41
7
reference_url https://security.archlinux.org/AVG-1462
reference_id AVG-1462
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1462
8
reference_url https://security.gentoo.org/glsa/202105-29
reference_id GLSA-202105-29
reference_type
scores
url https://security.gentoo.org/glsa/202105-29
9
reference_url https://usn.ubuntu.com/5329-1/
reference_id USN-5329-1
reference_type
scores
url https://usn.ubuntu.com/5329-1/
fixed_packages
0
url pkg:deb/debian/tar@1.34%2Bdfsg-1%2Bdeb11u1
purl pkg:deb/debian/tar@1.34%2Bdfsg-1%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.34%252Bdfsg-1%252Bdeb11u1
aliases CVE-2021-20193
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bjve-yt21-5uhe
2
url VCID-c117-938e-pkbm
vulnerability_id VCID-c117-938e-pkbm
summary security flaw
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1216.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1216.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1216
reference_id
reference_type
scores
0
value 0.00669
scoring_system epss
scoring_elements 0.71247
published_at 2026-04-01T12:55:00Z
1
value 0.00669
scoring_system epss
scoring_elements 0.71255
published_at 2026-04-02T12:55:00Z
2
value 0.00669
scoring_system epss
scoring_elements 0.71273
published_at 2026-04-04T12:55:00Z
3
value 0.00669
scoring_system epss
scoring_elements 0.71248
published_at 2026-04-07T12:55:00Z
4
value 0.00669
scoring_system epss
scoring_elements 0.71289
published_at 2026-04-08T12:55:00Z
5
value 0.00669
scoring_system epss
scoring_elements 0.71303
published_at 2026-04-09T12:55:00Z
6
value 0.00669
scoring_system epss
scoring_elements 0.71325
published_at 2026-04-21T12:55:00Z
7
value 0.00669
scoring_system epss
scoring_elements 0.7131
published_at 2026-04-12T12:55:00Z
8
value 0.00669
scoring_system epss
scoring_elements 0.71294
published_at 2026-04-13T12:55:00Z
9
value 0.00669
scoring_system epss
scoring_elements 0.7134
published_at 2026-04-16T12:55:00Z
10
value 0.00669
scoring_system epss
scoring_elements 0.71346
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1216
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1216
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1216
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616858
reference_id 1616858
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616858
4
reference_url https://access.redhat.com/errata/RHSA-2002:096
reference_id RHSA-2002:096
reference_type
scores
url https://access.redhat.com/errata/RHSA-2002:096
5
reference_url https://access.redhat.com/errata/RHSA-2002:138
reference_id RHSA-2002:138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2002:138
6
reference_url https://access.redhat.com/errata/RHSA-2003:218
reference_id RHSA-2003:218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:218
fixed_packages
0
url pkg:deb/debian/tar@1.13.25-2
purl pkg:deb/debian/tar@1.13.25-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6znq-56pa-tyet
1
vulnerability VCID-bjve-yt21-5uhe
2
vulnerability VCID-ft5f-trap-43fa
3
vulnerability VCID-hq66-w1de-eqe9
4
vulnerability VCID-k3h6-k26e-vke3
5
vulnerability VCID-pkfu-tkaw-m7ba
6
vulnerability VCID-rpve-2nqs-mucp
7
vulnerability VCID-rufk-zs3j-9qf6
8
vulnerability VCID-svwr-123p-skeq
9
vulnerability VCID-vzdf-6u9d-bfax
10
vulnerability VCID-zakj-27p6-6kbf
11
vulnerability VCID-zn6w-f898-tqgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.13.25-2
aliases CVE-2002-1216
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c117-938e-pkbm
3
url VCID-ft5f-trap-43fa
vulnerability_id VCID-ft5f-trap-43fa
summary 
GNU cpio contains a buffer overflow vulnerability, possibly resulting in a
    Denial of Service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4476.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4476.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-4476
reference_id
reference_type
scores
0
value 0.11809
scoring_system epss
scoring_elements 0.93675
published_at 2026-04-01T12:55:00Z
1
value 0.11809
scoring_system epss
scoring_elements 0.93685
published_at 2026-04-02T12:55:00Z
2
value 0.11809
scoring_system epss
scoring_elements 0.93696
published_at 2026-04-04T12:55:00Z
3
value 0.11809
scoring_system epss
scoring_elements 0.93698
published_at 2026-04-07T12:55:00Z
4
value 0.11809
scoring_system epss
scoring_elements 0.93707
published_at 2026-04-08T12:55:00Z
5
value 0.11809
scoring_system epss
scoring_elements 0.93709
published_at 2026-04-09T12:55:00Z
6
value 0.11809
scoring_system epss
scoring_elements 0.93714
published_at 2026-04-12T12:55:00Z
7
value 0.11809
scoring_system epss
scoring_elements 0.93715
published_at 2026-04-13T12:55:00Z
8
value 0.11809
scoring_system epss
scoring_elements 0.93732
published_at 2026-04-16T12:55:00Z
9
value 0.11809
scoring_system epss
scoring_elements 0.93739
published_at 2026-04-18T12:55:00Z
10
value 0.11809
scoring_system epss
scoring_elements 0.93742
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-4476
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=280961
reference_id 280961
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=280961
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441444
reference_id 441444
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441444
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449222
reference_id 449222
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449222
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/30766.c
reference_id CVE-2007-4476;OSVDB-42149
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/30766.c
7
reference_url https://www.securityfocus.com/bid/26445/info
reference_id CVE-2007-4476;OSVDB-42149
reference_type exploit
scores
url https://www.securityfocus.com/bid/26445/info
8
reference_url https://security.gentoo.org/glsa/200711-18
reference_id GLSA-200711-18
reference_type
scores
url https://security.gentoo.org/glsa/200711-18
9
reference_url https://access.redhat.com/errata/RHSA-2010:0141
reference_id RHSA-2010:0141
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0141
10
reference_url https://access.redhat.com/errata/RHSA-2010:0144
reference_id RHSA-2010:0144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0144
11
reference_url https://usn.ubuntu.com/650-1/
reference_id USN-650-1
reference_type
scores
url https://usn.ubuntu.com/650-1/
12
reference_url https://usn.ubuntu.com/709-1/
reference_id USN-709-1
reference_type
scores
url https://usn.ubuntu.com/709-1/
fixed_packages
0
url pkg:deb/debian/tar@1.20-1%2Blenny1
purl pkg:deb/debian/tar@1.20-1%2Blenny1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjve-yt21-5uhe
1
vulnerability VCID-hq66-w1de-eqe9
2
vulnerability VCID-pkfu-tkaw-m7ba
3
vulnerability VCID-rpve-2nqs-mucp
4
vulnerability VCID-svwr-123p-skeq
5
vulnerability VCID-vzdf-6u9d-bfax
6
vulnerability VCID-zakj-27p6-6kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.20-1%252Blenny1
aliases CVE-2007-4476
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ft5f-trap-43fa
4
url VCID-hq66-w1de-eqe9
vulnerability_id VCID-hq66-w1de-eqe9
summary tar: Incorrectly handled extension attributes in PAX archives can lead to a crash
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39804.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39804.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-39804
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.1048
published_at 2026-04-02T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10509
published_at 2026-04-21T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10487
published_at 2026-04-08T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.10555
published_at 2026-04-09T12:55:00Z
4
value 0.00036
scoring_system epss
scoring_elements 0.10584
published_at 2026-04-11T12:55:00Z
5
value 0.00036
scoring_system epss
scoring_elements 0.10551
published_at 2026-04-12T12:55:00Z
6
value 0.00036
scoring_system epss
scoring_elements 0.10528
published_at 2026-04-13T12:55:00Z
7
value 0.00036
scoring_system epss
scoring_elements 0.10395
published_at 2026-04-16T12:55:00Z
8
value 0.00036
scoring_system epss
scoring_elements 0.10381
published_at 2026-04-18T12:55:00Z
9
value 0.00036
scoring_system epss
scoring_elements 0.10549
published_at 2026-04-04T12:55:00Z
10
value 0.00036
scoring_system epss
scoring_elements 0.10413
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-39804
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39804
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2254067
reference_id 2254067
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2254067
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058079
reference_id bugreport.cgi?bug=1058079
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-04T11:15:54Z/
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058079
6
reference_url https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4
reference_id ?id=a339f05cd269013fa133d2f148d73f6f7d4247e4
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-04T11:15:54Z/
url https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4
7
reference_url https://usn.ubuntu.com/6543-1/
reference_id USN-6543-1
reference_type
scores
url https://usn.ubuntu.com/6543-1/
8
reference_url https://git.savannah.gnu.org/cgit/tar.git/tree/src/xheader.c?h=release_1_34#n1723
reference_id xheader.c?h=release_1_34#n1723
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-04T11:15:54Z/
url https://git.savannah.gnu.org/cgit/tar.git/tree/src/xheader.c?h=release_1_34#n1723
fixed_packages
0
url pkg:deb/debian/tar@1.34%2Bdfsg-1%2Bdeb11u1
purl pkg:deb/debian/tar@1.34%2Bdfsg-1%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.34%252Bdfsg-1%252Bdeb11u1
aliases CVE-2023-39804
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hq66-w1de-eqe9
5
url VCID-k3h6-k26e-vke3
vulnerability_id VCID-k3h6-k26e-vke3
summary A directory traversal vulnerability has been discovered in GNU Tar.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4131.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4131.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-4131
reference_id
reference_type
scores
0
value 0.11051
scoring_system epss
scoring_elements 0.93408
published_at 2026-04-01T12:55:00Z
1
value 0.11051
scoring_system epss
scoring_elements 0.93416
published_at 2026-04-02T12:55:00Z
2
value 0.11051
scoring_system epss
scoring_elements 0.93424
published_at 2026-04-07T12:55:00Z
3
value 0.11051
scoring_system epss
scoring_elements 0.93432
published_at 2026-04-08T12:55:00Z
4
value 0.11051
scoring_system epss
scoring_elements 0.93436
published_at 2026-04-09T12:55:00Z
5
value 0.11051
scoring_system epss
scoring_elements 0.93441
published_at 2026-04-11T12:55:00Z
6
value 0.11051
scoring_system epss
scoring_elements 0.93442
published_at 2026-04-12T12:55:00Z
7
value 0.11443
scoring_system epss
scoring_elements 0.93593
published_at 2026-04-13T12:55:00Z
8
value 0.11443
scoring_system epss
scoring_elements 0.93612
published_at 2026-04-16T12:55:00Z
9
value 0.11443
scoring_system epss
scoring_elements 0.93619
published_at 2026-04-18T12:55:00Z
10
value 0.11443
scoring_system epss
scoring_elements 0.93624
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-4131
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=251921
reference_id 251921
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=251921
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439335
reference_id 439335
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439335
5
reference_url https://security.gentoo.org/glsa/200709-09
reference_id GLSA-200709-09
reference_type
scores
url https://security.gentoo.org/glsa/200709-09
6
reference_url https://access.redhat.com/errata/RHSA-2007:0860
reference_id RHSA-2007:0860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0860
7
reference_url https://usn.ubuntu.com/506-1/
reference_id USN-506-1
reference_type
scores
url https://usn.ubuntu.com/506-1/
fixed_packages
0
url pkg:deb/debian/tar@1.20-1%2Blenny1
purl pkg:deb/debian/tar@1.20-1%2Blenny1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjve-yt21-5uhe
1
vulnerability VCID-hq66-w1de-eqe9
2
vulnerability VCID-pkfu-tkaw-m7ba
3
vulnerability VCID-rpve-2nqs-mucp
4
vulnerability VCID-svwr-123p-skeq
5
vulnerability VCID-vzdf-6u9d-bfax
6
vulnerability VCID-zakj-27p6-6kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.20-1%252Blenny1
aliases CVE-2007-4131
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k3h6-k26e-vke3
6
url VCID-pkfu-tkaw-m7ba
vulnerability_id VCID-pkfu-tkaw-m7ba
summary A vulnerability has been discovered in GNU Tar which may lead to an out of bounds read.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48303.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48303.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-48303
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13533
published_at 2026-04-21T12:55:00Z
1
value 0.00048
scoring_system epss
scoring_elements 0.14958
published_at 2026-04-02T12:55:00Z
2
value 0.00048
scoring_system epss
scoring_elements 0.15035
published_at 2026-04-04T12:55:00Z
3
value 0.00048
scoring_system epss
scoring_elements 0.14839
published_at 2026-04-07T12:55:00Z
4
value 0.00048
scoring_system epss
scoring_elements 0.14928
published_at 2026-04-08T12:55:00Z
5
value 0.00048
scoring_system epss
scoring_elements 0.14979
published_at 2026-04-09T12:55:00Z
6
value 0.00048
scoring_system epss
scoring_elements 0.14942
published_at 2026-04-11T12:55:00Z
7
value 0.00048
scoring_system epss
scoring_elements 0.14904
published_at 2026-04-12T12:55:00Z
8
value 0.00048
scoring_system epss
scoring_elements 0.14845
published_at 2026-04-13T12:55:00Z
9
value 0.00048
scoring_system epss
scoring_elements 0.14741
published_at 2026-04-16T12:55:00Z
10
value 0.00048
scoring_system epss
scoring_elements 0.14748
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-48303
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://savannah.gnu.org/patch/?10307
reference_id ?10307
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-27T20:34:11Z/
url https://savannah.gnu.org/patch/?10307
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2149722
reference_id 2149722
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2149722
6
reference_url https://savannah.gnu.org/bugs/?62387
reference_id ?62387
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-27T20:34:11Z/
url https://savannah.gnu.org/bugs/?62387
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
reference_id CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-27T20:34:11Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
8
reference_url https://security.gentoo.org/glsa/202402-12
reference_id GLSA-202402-12
reference_type
scores
url https://security.gentoo.org/glsa/202402-12
9
reference_url https://access.redhat.com/errata/RHSA-2023:0842
reference_id RHSA-2023:0842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0842
10
reference_url https://access.redhat.com/errata/RHSA-2023:0959
reference_id RHSA-2023:0959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0959
11
reference_url https://access.redhat.com/errata/RHSA-2023:5610
reference_id RHSA-2023:5610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5610
12
reference_url https://usn.ubuntu.com/5900-1/
reference_id USN-5900-1
reference_type
scores
url https://usn.ubuntu.com/5900-1/
13
reference_url https://usn.ubuntu.com/5900-2/
reference_id USN-5900-2
reference_type
scores
url https://usn.ubuntu.com/5900-2/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
reference_id X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-27T20:34:11Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
fixed_packages
0
url pkg:deb/debian/tar@1.34%2Bdfsg-1%2Bdeb11u1
purl pkg:deb/debian/tar@1.34%2Bdfsg-1%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.34%252Bdfsg-1%252Bdeb11u1
aliases CVE-2022-48303
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pkfu-tkaw-m7ba
7
url VCID-rpve-2nqs-mucp
vulnerability_id VCID-rpve-2nqs-mucp
summary tar: null-pointer dereference in pax_decode_header in sparse.c
references
0
reference_url http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:59:20Z/
url http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:59:20Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9923.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9923.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9923
reference_id
reference_type
scores
0
value 0.004
scoring_system epss
scoring_elements 0.60722
published_at 2026-04-21T12:55:00Z
1
value 0.004
scoring_system epss
scoring_elements 0.6056
published_at 2026-04-01T12:55:00Z
2
value 0.004
scoring_system epss
scoring_elements 0.60635
published_at 2026-04-02T12:55:00Z
3
value 0.004
scoring_system epss
scoring_elements 0.60709
published_at 2026-04-12T12:55:00Z
4
value 0.004
scoring_system epss
scoring_elements 0.60689
published_at 2026-04-13T12:55:00Z
5
value 0.004
scoring_system epss
scoring_elements 0.60732
published_at 2026-04-16T12:55:00Z
6
value 0.004
scoring_system epss
scoring_elements 0.60738
published_at 2026-04-18T12:55:00Z
7
value 0.00531
scoring_system epss
scoring_elements 0.67264
published_at 2026-04-08T12:55:00Z
8
value 0.00531
scoring_system epss
scoring_elements 0.67298
published_at 2026-04-11T12:55:00Z
9
value 0.00531
scoring_system epss
scoring_elements 0.67278
published_at 2026-04-09T12:55:00Z
10
value 0.00531
scoring_system epss
scoring_elements 0.67237
published_at 2026-04-04T12:55:00Z
11
value 0.00531
scoring_system epss
scoring_elements 0.67213
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9923
4
reference_url http://savannah.gnu.org/bugs/?55369
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:59:20Z/
url http://savannah.gnu.org/bugs/?55369
5
reference_url https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:59:20Z/
url https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:59:20Z/
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:59:20Z/
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1691764
reference_id 1691764
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1691764
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925286
reference_id 925286
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925286
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9923
reference_id CVE-2019-9923
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-9923
15
reference_url https://usn.ubuntu.com/4692-1/
reference_id USN-4692-1
reference_type
scores
url https://usn.ubuntu.com/4692-1/
fixed_packages
0
url pkg:deb/debian/tar@1.34%2Bdfsg-1%2Bdeb11u1
purl pkg:deb/debian/tar@1.34%2Bdfsg-1%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.34%252Bdfsg-1%252Bdeb11u1
aliases CVE-2019-9923
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rpve-2nqs-mucp
8
url VCID-rufk-zs3j-9qf6
vulnerability_id VCID-rufk-zs3j-9qf6
summary tar archive path traversal issue
references
0
reference_url ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc
reference_id
reference_type
scores
url ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1918.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1918.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-1918
reference_id
reference_type
scores
0
value 0.02059
scoring_system epss
scoring_elements 0.8393
published_at 2026-04-21T12:55:00Z
1
value 0.02059
scoring_system epss
scoring_elements 0.83836
published_at 2026-04-01T12:55:00Z
2
value 0.02059
scoring_system epss
scoring_elements 0.8385
published_at 2026-04-02T12:55:00Z
3
value 0.02059
scoring_system epss
scoring_elements 0.83865
published_at 2026-04-04T12:55:00Z
4
value 0.02059
scoring_system epss
scoring_elements 0.83867
published_at 2026-04-07T12:55:00Z
5
value 0.02059
scoring_system epss
scoring_elements 0.83891
published_at 2026-04-08T12:55:00Z
6
value 0.02059
scoring_system epss
scoring_elements 0.83897
published_at 2026-04-09T12:55:00Z
7
value 0.02059
scoring_system epss
scoring_elements 0.83913
published_at 2026-04-11T12:55:00Z
8
value 0.02059
scoring_system epss
scoring_elements 0.83908
published_at 2026-04-12T12:55:00Z
9
value 0.02059
scoring_system epss
scoring_elements 0.83904
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-1918
3
reference_url https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=140589
reference_id
reference_type
scores
url https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=140589
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1918
5
reference_url http://secunia.com/advisories/18988
reference_id
reference_type
scores
url http://secunia.com/advisories/18988
6
reference_url http://secunia.com/advisories/19130
reference_id
reference_type
scores
url http://secunia.com/advisories/19130
7
reference_url http://secunia.com/advisories/19183
reference_id
reference_type
scores
url http://secunia.com/advisories/19183
8
reference_url http://secunia.com/advisories/20397
reference_id
reference_type
scores
url http://secunia.com/advisories/20397
9
reference_url http://securitytracker.com/id?1015655
reference_id
reference_type
scores
url http://securitytracker.com/id?1015655
10
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9946
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9946
11
reference_url http://support.avaya.com/elmodocs2/security/ASA-2006-110.htm
reference_id
reference_type
scores
url http://support.avaya.com/elmodocs2/security/ASA-2006-110.htm
12
reference_url http://www.novell.com/linux/security/advisories/2006_05_sr.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2006_05_sr.html
13
reference_url http://www.redhat.com/support/errata/RHSA-2006-0195.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2006-0195.html
14
reference_url http://www.securityfocus.com/archive/1/430297/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/430297/100/0/threaded
15
reference_url http://www.securityfocus.com/bid/5834
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/5834
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=140589
reference_id 140589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=140589
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:1.13.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gnu:tar:1.13.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:1.13.25:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
reference_id cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
reference_id cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2005-1918
reference_id CVE-2005-1918
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2005-1918
31
reference_url https://access.redhat.com/errata/RHSA-2006:0195
reference_id RHSA-2006:0195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0195
fixed_packages
0
url pkg:deb/debian/tar@1.14-2.4
purl pkg:deb/debian/tar@1.14-2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6znq-56pa-tyet
1
vulnerability VCID-bjve-yt21-5uhe
2
vulnerability VCID-ft5f-trap-43fa
3
vulnerability VCID-hq66-w1de-eqe9
4
vulnerability VCID-k3h6-k26e-vke3
5
vulnerability VCID-pkfu-tkaw-m7ba
6
vulnerability VCID-rpve-2nqs-mucp
7
vulnerability VCID-svwr-123p-skeq
8
vulnerability VCID-vzdf-6u9d-bfax
9
vulnerability VCID-zakj-27p6-6kbf
10
vulnerability VCID-zn6w-f898-tqgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.14-2.4
aliases CVE-2005-1918
risk_score 1.1
exploitability 0.5
weighted_severity 2.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rufk-zs3j-9qf6
9
url VCID-svwr-123p-skeq
vulnerability_id VCID-svwr-123p-skeq
summary A vulnerability in Tar could led to a Denial of Service condition.
references
0
reference_url http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454
reference_id
reference_type
scores
url http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454
1
reference_url http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html
reference_id
reference_type
scores
url http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20482.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20482.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20482
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05338
published_at 2026-04-01T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05546
published_at 2026-04-21T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.0543
published_at 2026-04-12T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05424
published_at 2026-04-13T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05379
published_at 2026-04-16T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05382
published_at 2026-04-18T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.0538
published_at 2026-04-02T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.0541
published_at 2026-04-04T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05416
published_at 2026-04-07T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05451
published_at 2026-04-08T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05473
published_at 2026-04-09T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05444
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20482
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html
8
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00025.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/11/msg00025.html
9
reference_url https://news.ycombinator.com/item?id=18745431
reference_id
reference_type
scores
url https://news.ycombinator.com/item?id=18745431
10
reference_url https://twitter.com/thatcks/status/1076166645708668928
reference_id
reference_type
scores
url https://twitter.com/thatcks/status/1076166645708668928
11
reference_url https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug
reference_id
reference_type
scores
url https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug
12
reference_url http://www.securityfocus.com/bid/106354
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106354
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1662346
reference_id 1662346
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1662346
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377
reference_id 917377
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377
15
reference_url https://security.archlinux.org/ASA-201901-1
reference_id ASA-201901-1
reference_type
scores
url https://security.archlinux.org/ASA-201901-1
16
reference_url https://security.archlinux.org/AVG-841
reference_id AVG-841
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-841
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-20482
reference_id CVE-2018-20482
reference_type
scores
0
value 1.9
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:N/I:N/A:P
1
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-20482
22
reference_url https://security.gentoo.org/glsa/201903-05
reference_id GLSA-201903-05
reference_type
scores
url https://security.gentoo.org/glsa/201903-05
23
reference_url https://usn.ubuntu.com/4692-1/
reference_id USN-4692-1
reference_type
scores
url https://usn.ubuntu.com/4692-1/
fixed_packages
0
url pkg:deb/debian/tar@1.30%2Bdfsg-6
purl pkg:deb/debian/tar@1.30%2Bdfsg-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjve-yt21-5uhe
1
vulnerability VCID-hq66-w1de-eqe9
2
vulnerability VCID-pkfu-tkaw-m7ba
3
vulnerability VCID-rpve-2nqs-mucp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.30%252Bdfsg-6
aliases CVE-2018-20482
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svwr-123p-skeq
10
url VCID-vzdf-6u9d-bfax
vulnerability_id VCID-vzdf-6u9d-bfax
summary 
A path traversal attack in Tar may lead to the remote execution of
    arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6321.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6321.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6321
reference_id
reference_type
scores
0
value 0.11143
scoring_system epss
scoring_elements 0.93506
published_at 2026-04-21T12:55:00Z
1
value 0.11143
scoring_system epss
scoring_elements 0.93448
published_at 2026-04-02T12:55:00Z
2
value 0.11143
scoring_system epss
scoring_elements 0.93456
published_at 2026-04-04T12:55:00Z
3
value 0.11143
scoring_system epss
scoring_elements 0.93457
published_at 2026-04-07T12:55:00Z
4
value 0.11143
scoring_system epss
scoring_elements 0.93465
published_at 2026-04-08T12:55:00Z
5
value 0.11143
scoring_system epss
scoring_elements 0.93468
published_at 2026-04-09T12:55:00Z
6
value 0.11143
scoring_system epss
scoring_elements 0.93474
published_at 2026-04-13T12:55:00Z
7
value 0.11143
scoring_system epss
scoring_elements 0.93473
published_at 2026-04-12T12:55:00Z
8
value 0.11143
scoring_system epss
scoring_elements 0.93493
published_at 2026-04-16T12:55:00Z
9
value 0.11143
scoring_system epss
scoring_elements 0.93499
published_at 2026-04-18T12:55:00Z
10
value 0.11143
scoring_system epss
scoring_elements 0.9344
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6321
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6321
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6321
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://seclists.org/fulldisclosure/2016/Oct/102
reference_id 102
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url http://seclists.org/fulldisclosure/2016/Oct/102
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1318562
reference_id 1318562
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1318562
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842339
reference_id 842339
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842339
7
reference_url http://www.securityfocus.com/bid/93937
reference_id 93937
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url http://www.securityfocus.com/bid/93937
8
reference_url http://seclists.org/fulldisclosure/2016/Oct/96
reference_id 96
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url http://seclists.org/fulldisclosure/2016/Oct/96
9
reference_url https://security.archlinux.org/ASA-201611-11
reference_id ASA-201611-11
reference_type
scores
url https://security.archlinux.org/ASA-201611-11
10
reference_url https://security.archlinux.org/AVG-64
reference_id AVG-64
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-64
11
reference_url http://www.debian.org/security/2016/dsa-3702
reference_id dsa-3702
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url http://www.debian.org/security/2016/dsa-3702
12
reference_url https://security.gentoo.org/glsa/201611-19
reference_id GLSA-201611-19
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url https://security.gentoo.org/glsa/201611-19
13
reference_url http://packetstormsecurity.com/files/139370/GNU-tar-1.29-Extract-Pathname-Bypass.html
reference_id GNU-tar-1.29-Extract-Pathname-Bypass.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url http://packetstormsecurity.com/files/139370/GNU-tar-1.29-Extract-Pathname-Bypass.html
14
reference_url http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d
reference_id ?id=7340f67b9860ea0531c1450e5aa261c50f67165d
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d
15
reference_url http://lists.gnu.org/archive/html/bug-tar/2016-10/msg00016.html
reference_id msg00016.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url http://lists.gnu.org/archive/html/bug-tar/2016-10/msg00016.html
16
reference_url https://sintonen.fi/advisories/tar-extract-pathname-bypass.proper.txt
reference_id tar-extract-pathname-bypass.proper.txt
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url https://sintonen.fi/advisories/tar-extract-pathname-bypass.proper.txt
17
reference_url https://usn.ubuntu.com/3132-1/
reference_id USN-3132-1
reference_type
scores
url https://usn.ubuntu.com/3132-1/
18
reference_url http://www.ubuntu.com/usn/USN-3132-1
reference_id USN-3132-1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:54:23Z/
url http://www.ubuntu.com/usn/USN-3132-1
fixed_packages
0
url pkg:deb/debian/tar@1.27.1-2%2Bdeb8u1
purl pkg:deb/debian/tar@1.27.1-2%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjve-yt21-5uhe
1
vulnerability VCID-hq66-w1de-eqe9
2
vulnerability VCID-pkfu-tkaw-m7ba
3
vulnerability VCID-rpve-2nqs-mucp
4
vulnerability VCID-svwr-123p-skeq
5
vulnerability VCID-vzdf-6u9d-bfax
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.27.1-2%252Bdeb8u1
1
url pkg:deb/debian/tar@1.29b-1.1
purl pkg:deb/debian/tar@1.29b-1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjve-yt21-5uhe
1
vulnerability VCID-hq66-w1de-eqe9
2
vulnerability VCID-pkfu-tkaw-m7ba
3
vulnerability VCID-rpve-2nqs-mucp
4
vulnerability VCID-svwr-123p-skeq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.29b-1.1
aliases CVE-2016-6321
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vzdf-6u9d-bfax
11
url VCID-zakj-27p6-6kbf
vulnerability_id VCID-zakj-27p6-6kbf
summary 
A buffer overflow flaw in GNU Tar could result in execution of
    arbitrary code or a Denial of Service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0624.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0624.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0624
reference_id
reference_type
scores
0
value 0.01474
scoring_system epss
scoring_elements 0.80894
published_at 2026-04-01T12:55:00Z
1
value 0.01474
scoring_system epss
scoring_elements 0.80902
published_at 2026-04-02T12:55:00Z
2
value 0.01474
scoring_system epss
scoring_elements 0.80925
published_at 2026-04-04T12:55:00Z
3
value 0.01474
scoring_system epss
scoring_elements 0.80923
published_at 2026-04-07T12:55:00Z
4
value 0.01474
scoring_system epss
scoring_elements 0.80951
published_at 2026-04-13T12:55:00Z
5
value 0.01474
scoring_system epss
scoring_elements 0.80958
published_at 2026-04-09T12:55:00Z
6
value 0.01474
scoring_system epss
scoring_elements 0.80973
published_at 2026-04-11T12:55:00Z
7
value 0.01474
scoring_system epss
scoring_elements 0.8096
published_at 2026-04-12T12:55:00Z
8
value 0.01474
scoring_system epss
scoring_elements 0.80988
published_at 2026-04-16T12:55:00Z
9
value 0.01474
scoring_system epss
scoring_elements 0.8099
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0624
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=564368
reference_id 564368
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=564368
4
reference_url https://security.gentoo.org/glsa/201111-11
reference_id GLSA-201111-11
reference_type
scores
url https://security.gentoo.org/glsa/201111-11
5
reference_url https://security.gentoo.org/glsa/201311-21
reference_id GLSA-201311-21
reference_type
scores
url https://security.gentoo.org/glsa/201311-21
6
reference_url https://access.redhat.com/errata/RHSA-2010:0141
reference_id RHSA-2010:0141
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0141
7
reference_url https://access.redhat.com/errata/RHSA-2010:0142
reference_id RHSA-2010:0142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0142
8
reference_url https://access.redhat.com/errata/RHSA-2010:0143
reference_id RHSA-2010:0143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0143
9
reference_url https://access.redhat.com/errata/RHSA-2010:0144
reference_id RHSA-2010:0144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0144
10
reference_url https://access.redhat.com/errata/RHSA-2010:0145
reference_id RHSA-2010:0145
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0145
11
reference_url https://usn.ubuntu.com/2456-1/
reference_id USN-2456-1
reference_type
scores
url https://usn.ubuntu.com/2456-1/
fixed_packages
0
url pkg:deb/debian/tar@1.23-3
purl pkg:deb/debian/tar@1.23-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjve-yt21-5uhe
1
vulnerability VCID-hq66-w1de-eqe9
2
vulnerability VCID-pkfu-tkaw-m7ba
3
vulnerability VCID-rpve-2nqs-mucp
4
vulnerability VCID-svwr-123p-skeq
5
vulnerability VCID-vzdf-6u9d-bfax
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.23-3
aliases CVE-2010-0624
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zakj-27p6-6kbf
12
url VCID-zn6w-f898-tqgd
vulnerability_id VCID-zn6w-f898-tqgd
summary 
Tar is vulnerable to directory traversal possibly allowing for the
    overwriting of arbitrary files.
references
0
reference_url ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
reference_id
reference_type
scores
url ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
1
reference_url http://docs.info.apple.com/article.html?artnum=305214
reference_id
reference_type
scores
url http://docs.info.apple.com/article.html?artnum=305214
2
reference_url http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html
reference_id
reference_type
scores
url http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html
3
reference_url http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
4
reference_url http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html
reference_id
reference_type
scores
url http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2006-0749.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2006-0749.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6097.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6097.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6097
reference_id
reference_type
scores
0
value 0.10442
scoring_system epss
scoring_elements 0.93255
published_at 2026-04-21T12:55:00Z
1
value 0.10442
scoring_system epss
scoring_elements 0.932
published_at 2026-04-01T12:55:00Z
2
value 0.10442
scoring_system epss
scoring_elements 0.93209
published_at 2026-04-02T12:55:00Z
3
value 0.10442
scoring_system epss
scoring_elements 0.93213
published_at 2026-04-04T12:55:00Z
4
value 0.10442
scoring_system epss
scoring_elements 0.93211
published_at 2026-04-07T12:55:00Z
5
value 0.10442
scoring_system epss
scoring_elements 0.93219
published_at 2026-04-08T12:55:00Z
6
value 0.10442
scoring_system epss
scoring_elements 0.93224
published_at 2026-04-09T12:55:00Z
7
value 0.10442
scoring_system epss
scoring_elements 0.93228
published_at 2026-04-11T12:55:00Z
8
value 0.10442
scoring_system epss
scoring_elements 0.93225
published_at 2026-04-12T12:55:00Z
9
value 0.10442
scoring_system epss
scoring_elements 0.93227
published_at 2026-04-13T12:55:00Z
10
value 0.10442
scoring_system epss
scoring_elements 0.93243
published_at 2026-04-16T12:55:00Z
11
value 0.10442
scoring_system epss
scoring_elements 0.93248
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6097
8
reference_url https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937
reference_id
reference_type
scores
url https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
10
reference_url http://secunia.com/advisories/23115
reference_id
reference_type
scores
url http://secunia.com/advisories/23115
11
reference_url http://secunia.com/advisories/23117
reference_id
reference_type
scores
url http://secunia.com/advisories/23117
12
reference_url http://secunia.com/advisories/23142
reference_id
reference_type
scores
url http://secunia.com/advisories/23142
13
reference_url http://secunia.com/advisories/23146
reference_id
reference_type
scores
url http://secunia.com/advisories/23146
14
reference_url http://secunia.com/advisories/23163
reference_id
reference_type
scores
url http://secunia.com/advisories/23163
15
reference_url http://secunia.com/advisories/23173
reference_id
reference_type
scores
url http://secunia.com/advisories/23173
16
reference_url http://secunia.com/advisories/23198
reference_id
reference_type
scores
url http://secunia.com/advisories/23198
17
reference_url http://secunia.com/advisories/23209
reference_id
reference_type
scores
url http://secunia.com/advisories/23209
18
reference_url http://secunia.com/advisories/23314
reference_id
reference_type
scores
url http://secunia.com/advisories/23314
19
reference_url http://secunia.com/advisories/23443
reference_id
reference_type
scores
url http://secunia.com/advisories/23443
20
reference_url http://secunia.com/advisories/23514
reference_id
reference_type
scores
url http://secunia.com/advisories/23514
21
reference_url http://secunia.com/advisories/23911
reference_id
reference_type
scores
url http://secunia.com/advisories/23911
22
reference_url http://secunia.com/advisories/24479
reference_id
reference_type
scores
url http://secunia.com/advisories/24479
23
reference_url http://secunia.com/advisories/24636
reference_id
reference_type
scores
url http://secunia.com/advisories/24636
24
reference_url http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc
reference_id
reference_type
scores
url http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc
25
reference_url http://security.gentoo.org/glsa/glsa-200612-10.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200612-10.xml
26
reference_url http://securityreason.com/securityalert/1918
reference_id
reference_type
scores
url http://securityreason.com/securityalert/1918
27
reference_url http://securitytracker.com/id?1017423
reference_id
reference_type
scores
url http://securitytracker.com/id?1017423
28
reference_url https://issues.rpath.com/browse/RPL-821
reference_id
reference_type
scores
url https://issues.rpath.com/browse/RPL-821
29
reference_url http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379
reference_id
reference_type
scores
url http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379
30
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963
31
reference_url http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm
reference_id
reference_type
scores
url http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm
32
reference_url http://www.debian.org/security/2006/dsa-1223
reference_id
reference_type
scores
url http://www.debian.org/security/2006/dsa-1223
33
reference_url http://www.mandriva.com/security/advisories?name=MDKSA-2006:219
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDKSA-2006:219
34
reference_url http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html
reference_id
reference_type
scores
url http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html
35
reference_url http://www.securityfocus.com/archive/1/453286/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/453286/100/0/threaded
36
reference_url http://www.securityfocus.com/archive/1/464268/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/464268/100/0/threaded
37
reference_url http://www.securityfocus.com/bid/21235
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/21235
38
reference_url http://www.trustix.org/errata/2006/0068/
reference_id
reference_type
scores
url http://www.trustix.org/errata/2006/0068/
39
reference_url http://www.ubuntu.com/usn/usn-385-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/usn-385-1
40
reference_url http://www.us-cert.gov/cas/techalerts/TA07-072A.html
reference_id
reference_type
scores
url http://www.us-cert.gov/cas/techalerts/TA07-072A.html
41
reference_url http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
reference_id
reference_type
scores
url http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
42
reference_url http://www.vupen.com/english/advisories/2006/4717
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2006/4717
43
reference_url http://www.vupen.com/english/advisories/2006/5102
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2006/5102
44
reference_url http://www.vupen.com/english/advisories/2007/0930
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/0930
45
reference_url http://www.vupen.com/english/advisories/2007/1171
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/1171
46
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618237
reference_id 1618237
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618237
47
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=399845
reference_id 399845
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=399845
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:1.15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gnu:tar:1.15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:1.15.1:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:1.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gnu:tar:1.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:tar:1.16:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/detail/CVE-2006-6097
reference_id CVE-2006-6097
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2006-6097
51
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29160.c
reference_id CVE-2006-6097;OSVDB-30721
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29160.c
52
reference_url https://www.securityfocus.com/bid/21235/info
reference_id CVE-2006-6097;OSVDB-30721
reference_type exploit
scores
url https://www.securityfocus.com/bid/21235/info
53
reference_url https://security.gentoo.org/glsa/200612-10
reference_id GLSA-200612-10
reference_type
scores
url https://security.gentoo.org/glsa/200612-10
54
reference_url https://access.redhat.com/errata/RHSA-2006:0749
reference_id RHSA-2006:0749
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0749
55
reference_url https://usn.ubuntu.com/385-1/
reference_id USN-385-1
reference_type
scores
url https://usn.ubuntu.com/385-1/
fixed_packages
0
url pkg:deb/debian/tar@1.16-2
purl pkg:deb/debian/tar@1.16-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjve-yt21-5uhe
1
vulnerability VCID-ft5f-trap-43fa
2
vulnerability VCID-hq66-w1de-eqe9
3
vulnerability VCID-k3h6-k26e-vke3
4
vulnerability VCID-pkfu-tkaw-m7ba
5
vulnerability VCID-rpve-2nqs-mucp
6
vulnerability VCID-svwr-123p-skeq
7
vulnerability VCID-vzdf-6u9d-bfax
8
vulnerability VCID-zakj-27p6-6kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.16-2
aliases CVE-2006-6097
risk_score 7.2
exploitability 2.0
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zn6w-f898-tqgd
Fixing_vulnerabilities
Risk_score7.2
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/tar@1.12-7