Severity
3.3
Low severity
Details
- CVSS score
- 3.3
- CVSS vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Overview
About vulnerability
A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.Details
- Affected product:
- CentOS 6 ELS , CentOS 7 ELS , CentOS 8.4 ELS , CentOS 8.5 ELS , CloudLinux 6 ELS , Debian 10 ELS , Oracle Linux 6 ELS , Ubuntu 16.04 ELS , Ubuntu 18.04 ELS
- Affected packages:
- tar @ 1.30-5 (+8 more)