VulnerableCode Package Details - pkg:deb/debian/tar@1.14-2.4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/tar@1.14-2.4

Essentials
History (39)

purl	pkg:deb/debian/tar@1.14-2.4

Next non-vulnerable version	1.34+dfsg-1+deb11u1
Latest non-vulnerable version	1.34+dfsg-1+deb11u1
Risk	7.2

Vulnerabilities affecting this package (11)

Vulnerability	Summary	Fixed by
VCID-6znq-56pa-tyet Aliases: CVE-2006-0300	A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code.	1.16-2 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-bjve-yt21-5uhe Aliases: CVE-2021-20193	A vulnerability in Tar could lead to a Denial of Service condition.	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-ft5f-trap-43fa Aliases: CVE-2007-4476	GNU cpio contains a buffer overflow vulnerability, possibly resulting in a Denial of Service.	1.20-1+lenny1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hq66-w1de-eqe9 Aliases: CVE-2023-39804	tar: Incorrectly handled extension attributes in PAX archives can lead to a crash	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-k3h6-k26e-vke3 Aliases: CVE-2007-4131	A directory traversal vulnerability has been discovered in GNU Tar.	1.20-1+lenny1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pkfu-tkaw-m7ba Aliases: CVE-2022-48303	A vulnerability has been discovered in GNU Tar which may lead to an out of bounds read.	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-rpve-2nqs-mucp Aliases: CVE-2019-9923	tar: null-pointer dereference in pax_decode_header in sparse.c	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-svwr-123p-skeq Aliases: CVE-2018-20482	A vulnerability in Tar could led to a Denial of Service condition.	1.30+dfsg-6 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vzdf-6u9d-bfax Aliases: CVE-2016-6321	A path traversal attack in Tar may lead to the remote execution of arbitrary code.	1.27.1-2+deb8u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.29b-1.1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zakj-27p6-6kbf Aliases: CVE-2010-0624	A buffer overflow flaw in GNU Tar could result in execution of arbitrary code or a Denial of Service.	1.23-3 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zn6w-f898-tqgd Aliases: CVE-2006-6097	Tar is vulnerable to directory traversal possibly allowing for the overwriting of arbitrary files.	1.16-2 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-rufk-zs3j-9qf6	tar archive path traversal issue	CVE-2005-1918

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:41:56.105123+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:26:22.212919+00:00	Debian Oval Importer	Fixing	VCID-rufk-zs3j-9qf6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:09:26.442687+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:17:15.642987+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:15:15.058680+00:00	Debian Oval Importer	Affected by	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:57:55.629598+00:00	Debian Oval Importer	Affected by	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:51:16.449730+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:11:58.483126+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:31:07.344648+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:11:57.688252+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:27:47.958234+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:30:19.541510+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T13:31:26.700536+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.4.0
2026-04-11T23:16:42.225003+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:01:46.072520+00:00	Debian Oval Importer	Fixing	VCID-rufk-zs3j-9qf6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:45:25.820088+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:56:56.748012+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:57:02.919334+00:00	Debian Oval Importer	Affected by	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:42:07.468215+00:00	Debian Oval Importer	Affected by	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:35:48.778337+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:57:25.786270+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:17:28.674148+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:58:31.555323+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:14:58.862798+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:18:21.075806+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T13:20:07.658309+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.3.0
2026-04-08T22:50:09.607074+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:35:43.112711+00:00	Debian Oval Importer	Fixing	VCID-rufk-zs3j-9qf6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:20:13.989039+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:36:16.444007+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:38:56.569302+00:00	Debian Oval Importer	Affected by	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:27:13.581247+00:00	Debian Oval Importer	Affected by	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:20:55.649776+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:44:12.492865+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:06:01.291751+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:48:06.161989+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:07:16.544842+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:13:04.433813+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T21:56:03.118491+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.1.0