VDB
GCVE-110-MAGEIA-2026-230
GCVE-110-MAGEIA-2026-230
Advisory Published
The updated package fixes security vulnerabilities:
Archive::Tar versions before 3.08 for Perl extract symlinks with
attacker controlled targets outside the extraction directory.
(CVE-2026-42496)
Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker
controlled paths outside the extraction directory. (CVE-2026-42497)
Archive::Tar versions before 3.10 for Perl allow memory exhaustion via
attacker controlled entry size field in tar header. (CVE-2026-9538)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | perl-Archive-Tar | 0 (affected), 2.380.0-2.1.mga9 (unaffected) | — |
References
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.