QwikSec

Security Database

CVE

CWE

Training

CVE-2022-48303

Published: Jan 30, 2023

Modified: Mar 27, 2025

PUBLISHED

Description

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://savannah.gnu.org/bugs/?62387

https://savannah.gnu.org/patch/?10307

FEDORA-2023-123778d70d

vendor-advisory

FEDORA-2023-f72d3caf36

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.