VulnerableCode Package Details - pkg:deb/debian/tar@1.16-2

Search for packages

Vulnerability	Summary	Fixed by
VCID-bjve-yt21-5uhe Aliases: CVE-2021-20193	A vulnerability in Tar could lead to a Denial of Service condition.	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-ft5f-trap-43fa Aliases: CVE-2007-4476	GNU cpio contains a buffer overflow vulnerability, possibly resulting in a Denial of Service.	1.20-1+lenny1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hq66-w1de-eqe9 Aliases: CVE-2023-39804	tar: Incorrectly handled extension attributes in PAX archives can lead to a crash	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-k3h6-k26e-vke3 Aliases: CVE-2007-4131	A directory traversal vulnerability has been discovered in GNU Tar.	1.20-1+lenny1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pkfu-tkaw-m7ba Aliases: CVE-2022-48303	A vulnerability has been discovered in GNU Tar which may lead to an out of bounds read.	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-rpve-2nqs-mucp Aliases: CVE-2019-9923	tar: null-pointer dereference in pax_decode_header in sparse.c	1.34+dfsg-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-svwr-123p-skeq Aliases: CVE-2018-20482	A vulnerability in Tar could led to a Denial of Service condition.	1.30+dfsg-6 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vzdf-6u9d-bfax Aliases: CVE-2016-6321	A path traversal attack in Tar may lead to the remote execution of arbitrary code.	1.27.1-2+deb8u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1.29b-1.1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zakj-27p6-6kbf Aliases: CVE-2010-0624	A buffer overflow flaw in GNU Tar could result in execution of arbitrary code or a Denial of Service.	1.23-3 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-bjve-yt21-5uhe
Aliases:
CVE-2021-20193

A vulnerability in Tar could lead to a Denial of Service condition.

1.34+dfsg-1+deb11u1
Affected by 0 other vulnerabilities.

VCID-ft5f-trap-43fa
Aliases:
CVE-2007-4476

GNU cpio contains a buffer overflow vulnerability, possibly resulting in a Denial of Service.

1.20-1+lenny1
Affected by 7 other vulnerabilities.

VCID-hq66-w1de-eqe9
Aliases:
CVE-2023-39804

tar: Incorrectly handled extension attributes in PAX archives can lead to a crash

1.34+dfsg-1+deb11u1
Affected by 0 other vulnerabilities.

VCID-k3h6-k26e-vke3
Aliases:
CVE-2007-4131

A directory traversal vulnerability has been discovered in GNU Tar.

1.20-1+lenny1
Affected by 7 other vulnerabilities.

VCID-pkfu-tkaw-m7ba
Aliases:
CVE-2022-48303

A vulnerability has been discovered in GNU Tar which may lead to an out of bounds read.

1.34+dfsg-1+deb11u1
Affected by 0 other vulnerabilities.

VCID-rpve-2nqs-mucp
Aliases:
CVE-2019-9923

tar: null-pointer dereference in pax_decode_header in sparse.c

1.34+dfsg-1+deb11u1
Affected by 0 other vulnerabilities.

VCID-svwr-123p-skeq
Aliases:
CVE-2018-20482

A vulnerability in Tar could led to a Denial of Service condition.

1.30+dfsg-6
Affected by 4 other vulnerabilities.

VCID-vzdf-6u9d-bfax
Aliases:
CVE-2016-6321

A path traversal attack in Tar may lead to the remote execution of arbitrary code.

1.27.1-2+deb8u1
Affected by 6 other vulnerabilities.

1.29b-1.1
Affected by 5 other vulnerabilities.

VCID-zakj-27p6-6kbf
Aliases:
CVE-2010-0624

A buffer overflow flaw in GNU Tar could result in execution of arbitrary code or a Denial of Service.

1.23-3
Affected by 6 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6znq-56pa-tyet	A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code.	CVE-2006-0300
VCID-zn6w-f898-tqgd	Tar is vulnerable to directory traversal possibly allowing for the overwriting of arbitrary files.	CVE-2006-6097

Vulnerability

Summary

Aliases

VCID-6znq-56pa-tyet

A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code.

CVE-2006-0300

VCID-zn6w-f898-tqgd

Tar is vulnerable to directory traversal possibly allowing for the overwriting of arbitrary files.

CVE-2006-6097

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:41:56.109330+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:09:26.446648+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:17:15.646702+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:15:15.062404+00:00	Debian Oval Importer	Fixing	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:57:55.634048+00:00	Debian Oval Importer	Fixing	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:51:16.453268+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:11:58.486769+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:31:07.348120+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:11:57.689747+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:27:47.962034+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:30:19.544932+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T13:31:26.703825+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.4.0
2026-04-11T23:16:42.228835+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:45:25.823959+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:56:56.751755+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:57:02.923433+00:00	Debian Oval Importer	Fixing	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:42:07.472027+00:00	Debian Oval Importer	Fixing	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:35:48.782246+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:57:25.790033+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:17:28.677528+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:58:31.559266+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:14:58.866970+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:18:21.079911+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T13:20:07.662381+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.3.0
2026-04-08T22:50:09.610989+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:20:13.993575+00:00	Debian Oval Importer	Affected by	VCID-zakj-27p6-6kbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:36:16.452652+00:00	Debian Oval Importer	Affected by	VCID-ft5f-trap-43fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:38:56.573624+00:00	Debian Oval Importer	Fixing	VCID-6znq-56pa-tyet	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:27:13.585816+00:00	Debian Oval Importer	Fixing	VCID-zn6w-f898-tqgd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:20:55.658661+00:00	Debian Oval Importer	Affected by	VCID-bjve-yt21-5uhe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:44:12.497016+00:00	Debian Oval Importer	Affected by	VCID-k3h6-k26e-vke3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:06:01.296096+00:00	Debian Oval Importer	Affected by	VCID-svwr-123p-skeq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:48:06.166631+00:00	Debian Oval Importer	Affected by	VCID-pkfu-tkaw-m7ba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:07:16.549170+00:00	Debian Oval Importer	Affected by	VCID-rpve-2nqs-mucp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:13:04.438660+00:00	Debian Oval Importer	Affected by	VCID-hq66-w1de-eqe9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T21:56:03.123206+00:00	Debian Oval Importer	Affected by	VCID-vzdf-6u9d-bfax	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.1.0

2026-04-15T23:41:56.109330+00:00

Debian Oval Importer

Affected by

VCID-vzdf-6u9d-bfax

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T23:09:26.446648+00:00

Debian Oval Importer

Affected by

VCID-zakj-27p6-6kbf

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T21:17:15.646702+00:00

Debian Oval Importer

Affected by

VCID-ft5f-trap-43fa

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T20:15:15.062404+00:00

Debian Oval Importer

Fixing

VCID-6znq-56pa-tyet

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T18:57:55.634048+00:00

Debian Oval Importer

Fixing

VCID-zn6w-f898-tqgd

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T18:51:16.453268+00:00

Debian Oval Importer

Affected by

VCID-bjve-yt21-5uhe

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T18:11:58.486769+00:00

Debian Oval Importer

Affected by

VCID-k3h6-k26e-vke3

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T17:31:07.348120+00:00

Debian Oval Importer

Affected by

VCID-svwr-123p-skeq

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T17:11:57.689747+00:00

Debian Oval Importer

Affected by

VCID-pkfu-tkaw-m7ba

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T16:27:47.962034+00:00

Debian Oval Importer

Affected by

VCID-rpve-2nqs-mucp

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T15:30:19.544932+00:00

Debian Oval Importer

Affected by

VCID-hq66-w1de-eqe9

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T13:31:26.703825+00:00

Debian Oval Importer

Affected by

VCID-vzdf-6u9d-bfax

https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2

38.4.0

2026-04-11T23:16:42.228835+00:00

Debian Oval Importer

Affected by

VCID-vzdf-6u9d-bfax

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T22:45:25.823959+00:00

Debian Oval Importer

Affected by

VCID-zakj-27p6-6kbf

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T20:56:56.751755+00:00

Debian Oval Importer

Affected by

VCID-ft5f-trap-43fa

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T19:57:02.923433+00:00

Debian Oval Importer

Fixing

VCID-6znq-56pa-tyet

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T18:42:07.472027+00:00

Debian Oval Importer

Fixing

VCID-zn6w-f898-tqgd

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T18:35:48.782246+00:00

Debian Oval Importer

Affected by

VCID-bjve-yt21-5uhe

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T17:57:25.790033+00:00

Debian Oval Importer

Affected by

VCID-k3h6-k26e-vke3

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T17:17:28.677528+00:00

Debian Oval Importer

Affected by

VCID-svwr-123p-skeq

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T16:58:31.559266+00:00

Debian Oval Importer

Affected by

VCID-pkfu-tkaw-m7ba

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T16:14:58.866970+00:00

Debian Oval Importer

Affected by

VCID-rpve-2nqs-mucp

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T15:18:21.079911+00:00

Debian Oval Importer

Affected by

VCID-hq66-w1de-eqe9

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T13:20:07.662381+00:00

Debian Oval Importer

Affected by

VCID-vzdf-6u9d-bfax

https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2

38.3.0

2026-04-08T22:50:09.610989+00:00

Debian Oval Importer

Affected by

VCID-vzdf-6u9d-bfax

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T22:20:13.993575+00:00

Debian Oval Importer

Affected by

VCID-zakj-27p6-6kbf

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T20:36:16.452652+00:00

Debian Oval Importer

Affected by

VCID-ft5f-trap-43fa

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T19:38:56.573624+00:00

Debian Oval Importer

Fixing

VCID-6znq-56pa-tyet

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T18:27:13.585816+00:00

Debian Oval Importer

Fixing

VCID-zn6w-f898-tqgd

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T18:20:55.658661+00:00

Debian Oval Importer

Affected by

VCID-bjve-yt21-5uhe

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T17:44:12.497016+00:00

Debian Oval Importer

Affected by

VCID-k3h6-k26e-vke3

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T17:06:01.296096+00:00

Debian Oval Importer

Affected by

VCID-svwr-123p-skeq

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T16:48:06.166631+00:00

Debian Oval Importer

Affected by

VCID-pkfu-tkaw-m7ba

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T16:07:16.549170+00:00

Debian Oval Importer

Affected by

VCID-rpve-2nqs-mucp

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T15:13:04.438660+00:00

Debian Oval Importer

Affected by

VCID-hq66-w1de-eqe9

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-07T21:56:03.123206+00:00

Debian Oval Importer

Affected by

VCID-vzdf-6u9d-bfax

https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2

38.1.0

Next non-vulnerable version	1.34+dfsg-1+deb11u1
Latest non-vulnerable version	1.34+dfsg-1+deb11u1
Risk	3.4