VulnerableCode Package Details - pkg:deb/debian/tar@1.12-7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/tar@1.12-7

Essentials
History (42)

purl	pkg:deb/debian/tar@1.12-7

Next non-vulnerable version	1.34+dfsg-1+deb11u1
Latest non-vulnerable version	1.34+dfsg-1+deb11u1
Risk	7.2

Vulnerabilities affecting this package (13)

Vulnerability	Summary	Fixed by
VCID-6znq-56pa-tyet Aliases: CVE-2006-0300	A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code.	1.16-2 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-bjve-yt21-5uhe Aliases: CVE-2021-20193	A vulnerability in Tar could lead to a Denial of Service condition.	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-c117-938e-pkbm Aliases: CVE-2002-1216	security flaw	1.13.25-2 Affected by 12 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ft5f-trap-43fa Aliases: CVE-2007-4476	GNU cpio contains a buffer overflow vulnerability, possibly resulting in a Denial of Service.	1.20-1+lenny1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hq66-w1de-eqe9 Aliases: CVE-2023-39804	tar: Incorrectly handled extension attributes in PAX archives can lead to a crash	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-k3h6-k26e-vke3 Aliases: CVE-2007-4131	A directory traversal vulnerability has been discovered in GNU Tar.	1.20-1+lenny1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pkfu-tkaw-m7ba Aliases: CVE-2022-48303	A vulnerability has been discovered in GNU Tar which may lead to an out of bounds read.	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-rpve-2nqs-mucp Aliases: CVE-2019-9923	tar: null-pointer dereference in pax_decode_header in sparse.c	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-rufk-zs3j-9qf6 Aliases: CVE-2005-1918	tar archive path traversal issue	1.14-2.4 Affected by 11 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-svwr-123p-skeq Aliases: CVE-2018-20482	A vulnerability in Tar could led to a Denial of Service condition.	1.30+dfsg-6 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vzdf-6u9d-bfax Aliases: CVE-2016-6321	A path traversal attack in Tar may lead to the remote execution of arbitrary code.	1.27.1-2+deb8u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.29b-1.1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zakj-27p6-6kbf Aliases: CVE-2010-0624	A buffer overflow flaw in GNU Tar could result in execution of arbitrary code or a Denial of Service.	1.23-3 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zn6w-f898-tqgd Aliases: CVE-2006-6097	Tar is vulnerable to directory traversal possibly allowing for the overwriting of arbitrary files.	1.16-2 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:41:56.092293+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:26:22.201957+00:00	Debian Oval Importer	Affected by	VCID-rufk-zs3j-9qf6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:09:26.430586+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:17:15.631627+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:15:15.048205+00:00	Debian Oval Importer	Affected by	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:57:55.614966+00:00	Debian Oval Importer	Affected by	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:51:16.438978+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:11:58.472312+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:31:07.334104+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:11:57.683709+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:55:16.349296+00:00	Debian Oval Importer	Affected by	VCID-c117-938e-pkbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:27:47.946824+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:30:19.531394+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T13:31:26.690587+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.4.0
2026-04-11T23:16:42.213531+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:01:46.060903+00:00	Debian Oval Importer	Affected by	VCID-rufk-zs3j-9qf6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:45:25.808623+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:56:56.737028+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:57:02.907295+00:00	Debian Oval Importer	Affected by	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:42:07.456898+00:00	Debian Oval Importer	Affected by	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:35:48.766386+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:57:25.766315+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:17:28.663582+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:58:31.543314+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:41:58.059682+00:00	Debian Oval Importer	Affected by	VCID-c117-938e-pkbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:14:58.850273+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:18:21.063395+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T13:20:07.646693+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.3.0
2026-04-08T22:50:09.595588+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:35:43.107583+00:00	Debian Oval Importer	Affected by	VCID-rufk-zs3j-9qf6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:20:13.975497+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:36:16.413786+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:38:56.555982+00:00	Debian Oval Importer	Affected by	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:27:13.566864+00:00	Debian Oval Importer	Affected by	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:20:55.635769+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:44:12.480316+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:06:01.278386+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:48:06.147789+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:32:28.178713+00:00	Debian Oval Importer	Affected by	VCID-c117-938e-pkbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:07:16.531789+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:13:04.419296+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T21:56:03.104195+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.1.0