VulnerableCode Package Details - pkg:deb/debian/tar@1.13.17-2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/tar@1.13.17-2

Essentials
History (42)

purl	pkg:deb/debian/tar@1.13.17-2

Next non-vulnerable version	1.34+dfsg-1+deb11u1
Latest non-vulnerable version	1.34+dfsg-1+deb11u1
Risk	7.2

Vulnerabilities affecting this package (13)

Vulnerability	Summary	Fixed by
VCID-6znq-56pa-tyet Aliases: CVE-2006-0300	A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code.	1.16-2 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-bjve-yt21-5uhe Aliases: CVE-2021-20193	A vulnerability in Tar could lead to a Denial of Service condition.	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-c117-938e-pkbm Aliases: CVE-2002-1216	security flaw	1.13.25-2 Affected by 12 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ft5f-trap-43fa Aliases: CVE-2007-4476	GNU cpio contains a buffer overflow vulnerability, possibly resulting in a Denial of Service.	1.20-1+lenny1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hq66-w1de-eqe9 Aliases: CVE-2023-39804	tar: Incorrectly handled extension attributes in PAX archives can lead to a crash	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-k3h6-k26e-vke3 Aliases: CVE-2007-4131	A directory traversal vulnerability has been discovered in GNU Tar.	1.20-1+lenny1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pkfu-tkaw-m7ba Aliases: CVE-2022-48303	A vulnerability has been discovered in GNU Tar which may lead to an out of bounds read.	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-rpve-2nqs-mucp Aliases: CVE-2019-9923	tar: null-pointer dereference in pax_decode_header in sparse.c	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-rufk-zs3j-9qf6 Aliases: CVE-2005-1918	tar archive path traversal issue	1.14-2.4 Affected by 11 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-svwr-123p-skeq Aliases: CVE-2018-20482	A vulnerability in Tar could led to a Denial of Service condition.	1.30+dfsg-6 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vzdf-6u9d-bfax Aliases: CVE-2016-6321	A path traversal attack in Tar may lead to the remote execution of arbitrary code.	1.27.1-2+deb8u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.29b-1.1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zakj-27p6-6kbf Aliases: CVE-2010-0624	A buffer overflow flaw in GNU Tar could result in execution of arbitrary code or a Denial of Service.	1.23-3 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zn6w-f898-tqgd Aliases: CVE-2006-6097	Tar is vulnerable to directory traversal possibly allowing for the overwriting of arbitrary files.	1.16-2 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:41:56.096544+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:26:22.205683+00:00	Debian Oval Importer	Affected by	VCID-rufk-zs3j-9qf6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:09:26.434606+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:17:15.635328+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:15:15.051734+00:00	Debian Oval Importer	Affected by	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:57:55.619196+00:00	Debian Oval Importer	Affected by	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:51:16.442534+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:11:58.475905+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:31:07.337589+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:11:57.685221+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:55:16.352800+00:00	Debian Oval Importer	Affected by	VCID-c117-938e-pkbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:27:47.950501+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:30:19.534821+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T13:31:26.693976+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.4.0
2026-04-11T23:16:42.217538+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:01:46.064698+00:00	Debian Oval Importer	Affected by	VCID-rufk-zs3j-9qf6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:45:25.812334+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:56:56.740658+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:57:02.911294+00:00	Debian Oval Importer	Affected by	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:42:07.460627+00:00	Debian Oval Importer	Affected by	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:35:48.770361+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:57:25.770074+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:17:28.667269+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:58:31.547271+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:41:58.063776+00:00	Debian Oval Importer	Affected by	VCID-c117-938e-pkbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:14:58.854445+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:18:21.067514+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T13:20:07.650519+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.3.0
2026-04-08T22:50:09.599505+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:35:43.109273+00:00	Debian Oval Importer	Affected by	VCID-rufk-zs3j-9qf6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:20:13.979922+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:36:16.420100+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:38:56.560392+00:00	Debian Oval Importer	Affected by	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:27:13.571720+00:00	Debian Oval Importer	Affected by	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:20:55.640544+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:44:12.484601+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:06:01.282703+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:48:06.152485+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:32:28.182849+00:00	Debian Oval Importer	Affected by	VCID-c117-938e-pkbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:07:16.536175+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:13:04.424207+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T21:56:03.108928+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.1.0