What the vulnerability does

01Description

A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.

Key dates

02Disclosure timeline

March 26, 2021 CVE published
August 3, 2024 Record updated