VDB

GCVE-110-MAGEIA-2016-386

GCVE-110-MAGEIA-2016-386
Advisory Published
Vulnetix · Advisory published November 17, 2016
Harry Sintonen discovered that GNU tar does not properly handle member names containing '..', thus allowing an attacker to bypass the path names specified on the command line and replace files and directories in the target directory (CVE-2016-6321).

Affected Products

VendorProductVersionsPlatforms
Mageiatar0 (affected), 1.28-3.1.mga5 (unaffected)

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›