VDB

ALPINE-CVE-2021-20193

ALPINE-CVE-2021-20193 PUBLISHED CVSS 3.299999952316284 LOW

A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.

Risk Scores

CVSS v3.1
3.299999952316284
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products

VendorProductVersions
Alpine:v3.23tar1.28-r0, 1.33-r1, 1.33-r0
Alpine:v3.18tar1.33-r0, 1.30-r0, 0
Alpine:v3.19tar1.22-r0, 1.33-r1, 1.33-r0
Alpine:v3.11tar1.24-r0, 1.32-r1, 1.32-r0
Alpine:v3.21tar1.24-r0, 1.22-r1, 1.23-r1
Alpine:v3.16tar1.30-r1, 1.31-r0, 1.32-r0
Alpine:v3.10tar1.24-r0, 1.23-r1, 1.23-r0
Alpine:v3.13tar1.32-r0, 0, 1.21-r0
Alpine:v3.12tar1.22-r0, 1.21-r0, 0
Alpine:v3.14tar1.30-r0, 1.33-r1, 1.33-r0
Alpine:v3.17tar1.28-r0, 1.27.1-r0, 1.27-r0
Alpine:v3.20tar1.22-r1, 1.33-r1, 1.33-r0
Alpine:v3.15tar1.26-r1, 0, 1.21-r0
Alpine:v3.22tar1.26-r0, 1.27-r0, 1.27.1-r0

Timeline

  • Mar 26, 2021 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›